mein-babypaket.com Open in urlscan Pro
185.3.41.66  Malicious Activity! Public Scan

Submitted URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Effective URL: https://mein-babypaket.com/
Submission: On April 10 via manual from US

Summary

This website contacted 37 IPs in 8 countries across 34 domains to perform 145 HTTP transactions. The main IP is 185.3.41.66, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is mein-babypaket.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 1st 2019. Valid for: 3 months.
This is the only time mein-babypaket.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
47 2606:4700:10:... 13335 (CLOUDFLAR...)
1 143.204.101.100 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2.23.104.167 16625 (AKAMAI-AS)
2 2606:2800:234... 15133 (EDGECAST)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 52.218.128.134 16509 (AMAZON-02)
1 52.218.201.137 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a03:2880:f02... 32934 (FACEBOOK)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 176.123.9.53 200019 (ASCLOUDATA)
2 6 2a03:2880:f12... 32934 (FACEBOOK)
1 209.197.3.15 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 143.204.101.65 16509 (AMAZON-02)
1 143.204.98.220 16509 (AMAZON-02)
1 198.145.13.14 2044 (IINET-2044)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.251.68.15 16509 (AMAZON-02)
1 1 109.234.39.160 48282 (MCHOST-AS)
1 3 198.143.165.220 32475 (SINGLEHOP...)
1 2a00:1450:401... 15169 (GOOGLE)
1 3 107.6.174.196 32475 (SINGLEHOP...)
1 205.147.93.131 393676 (ZENEDGE)
1 31.170.100.126 201942 (SOLTIA)
1 31.170.100.125 201942 (SOLTIA)
1 1 52.30.81.218 16509 (AMAZON-02)
1 2 52.27.161.170 16509 (AMAZON-02)
3 13 185.3.41.66 34788 (NMM-AS D)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.38.159.129 16276 (OVH)
145 37
Apex Domain
Subdomains
Transfer
54 teaparty.org
www.teaparty.org
campaigns.teaparty.org
1 MB
13 mein-babypaket.com
mein-babypaket.com
469 KB
8 facebook.com
www.facebook.com
staticxx.facebook.com
2 KB
7 gstatic.com
fonts.gstatic.com
81 KB
7 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
39 KB
6 facebook.net
connect.facebook.net
174 KB
4 clickfunnels.com
app.clickfunnels.com
10 KB
3 zadcloud.com
zadcloud.com
64 KB
3 trkgenius.com
up.trkgenius.com
4 KB
3 daphnesik.icu
now.daphnesik.icu
4 KB
3 getclicky.com
static.getclicky.com
in.getclicky.com
7 KB
2 trkpre.com
mango.trkpre.com
4 KB
2 fungiers.com
track.fungiers.com Failed
1 KB
2 rs-stripe.com
branding.rs-stripe.com
4 KB
2 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
57 KB
2 amazonaws.com
static-42andpark-com.s3.amazonaws.com
static-42andpark-com.s3-us-west-2.amazonaws.com
575 B
2 google-analytics.com
www.google-analytics.com
17 KB
2 twitter.com
platform.twitter.com
28 KB
2 addthis.com
s7.addthis.com
221 KB
1 vmwwtracking.com
trk.vmwwtracking.com
2 KB
1 minently.com
minently.com
3 KB
1 ytimg.com
s.ytimg.com
8 KB
1 ectuerpartie.tk
ectuerpartie.tk
282 B
1 addevent.com
track.addevent.com
559 B
1 youtube.com
www.youtube.com
944 B
1 cloudfront.net
d26b395fwzu5fz.cloudfront.net
9 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
7 KB
1 hellofromhony.org
hellofromhony.org
4 KB
1 google.com
adservice.google.com
171 B
1 google.de
adservice.google.de
171 B
1 googletagservices.com
www.googletagservices.com
11 KB
1 pushnami.com
api.pushnami.com
7 KB
0 addthisedge.com Failed
m.addthisedge.com Failed
0 rev-stripe.com Failed
tr.rev-stripe.com Failed
145 34
Domain Requested by
47 www.teaparty.org www.teaparty.org
13 mein-babypaket.com 3 redirects mein-babypaket.com
7 campaigns.teaparty.org www.teaparty.org
campaigns.teaparty.org
7 fonts.gstatic.com www.teaparty.org
mein-babypaket.com
6 www.facebook.com 2 redirects www.teaparty.org
connect.facebook.net
6 connect.facebook.net www.teaparty.org
connect.facebook.net
campaigns.teaparty.org
6 fonts.googleapis.com www.teaparty.org
campaigns.teaparty.org
mein-babypaket.com
4 app.clickfunnels.com campaigns.teaparty.org
3 zadcloud.com mein-babypaket.com
3 up.trkgenius.com 1 redirects now.daphnesik.icu
up.trkgenius.com
3 now.daphnesik.icu 1 redirects hellofromhony.org
now.daphnesik.icu
2 mango.trkpre.com 1 redirects track.fungiers.com
2 track.fungiers.com minently.com
track.fungiers.com
2 branding.rs-stripe.com www.teaparty.org
2 staticxx.facebook.com connect.facebook.net
2 www.google-analytics.com 1 redirects www.teaparty.org
2 static.getclicky.com www.teaparty.org
2 platform.twitter.com www.teaparty.org
platform.twitter.com
2 s7.addthis.com www.teaparty.org
1 ajax.googleapis.com mein-babypaket.com
1 trk.vmwwtracking.com 1 redirects
1 minently.com
1 s.ytimg.com www.youtube.com
1 ectuerpartie.tk 1 redirects
1 track.addevent.com campaigns.teaparty.org
1 www.youtube.com campaigns.teaparty.org
1 in.getclicky.com static.getclicky.com
1 d26b395fwzu5fz.cloudfront.net campaigns.teaparty.org
1 maxcdn.bootstrapcdn.com campaigns.teaparty.org
1 hellofromhony.org www.teaparty.org
1 securepubads.g.doubleclick.net www.googletagservices.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com www.teaparty.org
1 stats.g.doubleclick.net www.teaparty.org
1 static-42andpark-com.s3-us-west-2.amazonaws.com www.teaparty.org
1 static-42andpark-com.s3.amazonaws.com www.teaparty.org
1 api.pushnami.com www.teaparty.org
0 m.addthisedge.com Failed s7.addthis.com
0 tr.rev-stripe.com Failed
145 40

This site contains no links.

Subject Issuer Validity Valid
ssl471117.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-01-22 -
2019-07-31
6 months crt.sh
*.pushnami.com
Amazon
2018-06-29 -
2019-07-29
a year crt.sh
*.googleapis.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2019-08-05
4 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2018-11-19 -
2019-11-27
a year crt.sh
ssl468981.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-01-21 -
2019-07-30
6 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2018-11-07 -
2020-02-07
a year crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2018-11-08 -
2019-11-06
a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-03-26 -
2019-06-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-03-08 -
2019-06-06
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
campaigns.teaparty.org
CloudFlare Inc ECC CA-2
2018-10-04 -
2019-10-04
a year crt.sh
hellofromhony.org
Let's Encrypt Authority X3
2019-04-09 -
2019-07-08
3 months crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA
2018-10-03 -
2019-10-12
a year crt.sh
ssl566619.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-03-17 -
2019-09-23
6 months crt.sh
branding.revenuestripe.com
Amazon
2018-12-01 -
2020-01-01
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2018-10-08 -
2019-10-09
a year crt.sh
*.getclicky.com
COMODO RSA Domain Validation Secure Server CA
2018-10-29 -
2020-10-15
2 years crt.sh
addevent.com
Amazon
2018-05-09 -
2019-06-09
a year crt.sh
now.daphnesik.icu
Let's Encrypt Authority X3
2019-03-05 -
2019-06-03
3 months crt.sh
up.trkgenius.com
Let's Encrypt Authority X3
2019-03-22 -
2019-06-20
3 months crt.sh
minently.com
Let's Encrypt Authority X3
2019-01-22 -
2019-04-22
3 months crt.sh
track.fathew.com
Let's Encrypt Authority X3
2019-01-31 -
2019-05-01
3 months crt.sh
*.trtrak.com
Amazon
2019-01-15 -
2020-02-15
a year crt.sh
mein-babypaket.com
Let's Encrypt Authority X3
2019-03-01 -
2019-05-30
3 months crt.sh
zadcloud.com
Let's Encrypt Authority X3
2019-02-17 -
2019-05-18
3 months crt.sh

This page contains 9 frames:

Primary Page: https://mein-babypaket.com/
Frame ID: 4AAD11875B0138EC190E79287E632906
Requests: 119 HTTP requests in this frame

Frame: https://static-42andpark-com.s3.amazonaws.com/html/danaton3.html?adname=&adid=
Frame ID: 3EE6E46E12A7012DD2B7F3C989BBBC58
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.teaparty.org/lock-em-up-survey
Frame ID: F2539E61A96793C43041A548809DED07
Requests: 19 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 57093A9E470018A6B9AC0C4A0DB3F90D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.teaparty.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 60A047C768BA1BA4963F0ACF6E28BA61
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 777717921DEB0F5CEF963E4062A99DEF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df378e6b218cad1%26domain%3Dwww.teaparty.org%26origin%3Dhttps%253A%252F%252Fwww.teaparty.org%252Ff1cdcd3b0357598%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fteapartyorg&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: EC19607FCFC6D3700947DD566C00C415
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df3cc7a2e7ebe828%26domain%3Dwww.teaparty.org%26origin%3Dhttps%253A%252F%252Fwww.teaparty.org%252Ff1cdcd3b0357598%26relation%3Dparent.parent&color_scheme=light&container_width=600&height=100&href=https%3A%2F%2Fwww.teaparty.org%2Fcanadian-man-fined-55k-misgendering-transgender-female-355541%2F&locale=en_US&mobile=false&sdk=joey&skin=light
Frame ID: 597EE801EB9E830AB01CB4882653EA8E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B81487759EB91607E435D3D2C9345AC3
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/ Page URL
  2. http://ectuerpartie.tk/index/?4831537102803 HTTP 301
    https://now.daphnesik.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=lucasartsd... Page URL
  3. https://now.daphnesik.icu/?utm_term=6678247023700869596&clickverify=1&c=1&utm_content=e6c2c6dcd68fd495... Page URL
  4. https://now.daphnesik.icu/proc.php?40d4086cd02f1d4c8456231e0db1cfaaba937b81 HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=667824702370086... Page URL
  5. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869... Page URL
  6. https://up.trkgenius.com/out.php?v=a4a4fcb0580c0c89752f37cad98a5d63 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=W... Page URL
  7. https://track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b... Page URL
  8. http://trk.vmwwtracking.com/aff_c?offer_id=1135&aff_id=1695&file_id=8949&source=M2019041012-a27a18264287... HTTP 302
    https://mango.trkpre.com/click/LP8jjtElnx?cid=102d4ef72911b46580019095f6e728&sub-id=1695&sub-id2=&fir... HTTP 302
    https://mango.trkpre.com/main/d.php?s=1&link=http%3A%2F%2Fmein-babypaket.com%3FPR_ID%3DAF-gmp118-8597... Page URL
  9. http://mein-babypaket.com/?PR_ID=AF-gmp118-8597&token-id=P8jjtElnTV-5cade669e4c61b5ed102806c&sub-id=&s... HTTP 301
    https://mein-babypaket.com/?PR_ID=AF-gmp118-8597&token-id=P8jjtElnTV-5cade669e4c61b5ed102806c&sub-id=&s... HTTP 303
    https://mein-babypaket.com/?redirectSessionTest=1 HTTP 303
    https://mein-babypaket.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

145
Requests

88 %
HTTPS

45 %
IPv6

34
Domains

40
Subdomains

37
IPs

8
Countries

2680 kB
Transfer

5881 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/ Page URL
  2. http://ectuerpartie.tk/index/?4831537102803 HTTP 301
    https://now.daphnesik.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=lucasartsdesign Page URL
  3. https://now.daphnesik.icu/?utm_term=6678247023700869596&clickverify=1&c=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b28186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf295919d8592f4f5fbcbf9fffeffccfcf0f3f0c1c6c792 Page URL
  4. https://now.daphnesik.icu/proc.php?40d4086cd02f1d4c8456231e0db1cfaaba937b81 HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608 Page URL
  5. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608&m=A.oWNkopAP5VNQwIeEKUqAMJ-cGz4t_o7CuMD7kitoHPk4qMI7qPk4uqIaJckC2.qiH.IjXf49ds-qEiaZ2bs12nHJto4N_fec5fevdI-NEII7JzuNkJpM Page URL
  6. https://up.trkgenius.com/out.php?v=a4a4fcb0580c0c89752f37cad98a5d63 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=d0ce62a1387c4fc8235bff3bf2ec5f9b&ext1=dvx Page URL
  7. https://track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25PUA0000V8100HIT1A9K405L1GWF0TPC1D9f06V10BKK05L1G00/ Page URL
  8. http://trk.vmwwtracking.com/aff_c?offer_id=1135&aff_id=1695&file_id=8949&source=M2019041012-a27a18264287f678de7fb8ae659c55ae&aff_sub=185392&firstname={firstname}&lastname={lastname}&email={email} HTTP 302
    https://mango.trkpre.com/click/LP8jjtElnx?cid=102d4ef72911b46580019095f6e728&sub-id=1695&sub-id2=&firstname={firstname}&lastname={lastname}&mail={email}&title={title} HTTP 302
    https://mango.trkpre.com/main/d.php?s=1&link=http%3A%2F%2Fmein-babypaket.com%3FPR_ID%3DAF-gmp118-8597%26token-id%3DP8jjtElnTV-5cade669e4c61b5ed102806c%26sub-id%3D%26sub-id2%3D%26sub-id%3D1695%26sub-id2%3D%26firstname%3D%257Bfirstname%257D%26lastname%3D%257Blastname%257D%26mail%3D%257Bemail%257D%26title%3D%257Btitle%257D%26ept2%3Da41316bd-aee7-470e-87bd-4921f3189d10 Page URL
  9. http://mein-babypaket.com/?PR_ID=AF-gmp118-8597&token-id=P8jjtElnTV-5cade669e4c61b5ed102806c&sub-id=&sub-id2=&sub-id=1695&sub-id2=&firstname=%7Bfirstname%7D&lastname=%7Blastname%7D&mail=%7Bemail%7D&title=%7Btitle%7D&ept2=a41316bd-aee7-470e-87bd-4921f3189d10 HTTP 301
    https://mein-babypaket.com/?PR_ID=AF-gmp118-8597&token-id=P8jjtElnTV-5cade669e4c61b5ed102806c&sub-id=&sub-id2=&sub-id=1695&sub-id2=&firstname=%7Bfirstname%7D&lastname=%7Blastname%7D&mail=%7Bemail%7D&title=%7Btitle%7D&ept2=a41316bd-aee7-470e-87bd-4921f3189d10 HTTP 303
    https://mein-babypaket.com/?redirectSessionTest=1 HTTP 303
    https://mein-babypaket.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1131064787&t=pageview&_s=1&dl=https%3A%2F%2Fwww.teaparty.org%2Fcanadian-man-fined-55k-misgendering-transgender-female-355541%2F&ul=en-us&de=UTF-8&dt=Canadian%20Man%20Fined%20%2455k%20For%20%E2%80%98Misgendering%E2%80%99%20Transgender%20Female%20-%20Tea%20Party%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABC~&jid=815112600&gjid=491281373&cid=466962041.1554900581&tid=UA-32522776-1&_gid=823933487.1554900581&_r=1&z=2083772735 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32522776-1&cid=466962041.1554900581&jid=815112600&_gid=823933487.1554900581&gjid=491281373&_v=j73&z=2083772735
Request Chain 85
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4357 HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4357
Request Chain 86
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4551 HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4551
Request Chain 87
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4547 HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4547
Request Chain 88
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=10547 HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=10547
Request Chain 89
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=10025&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
Request Chain 90
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=10025&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
Request Chain 91
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=10025&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
Request Chain 92
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=10025&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web
Request Chain 96
  • https://www.facebook.com/connect/ping?client_id=461404847254579&domain=www.teaparty.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df71f03af71f4ac%26domain%3Dwww.teaparty.org%26origin%3Dhttps%253A%252F%252Fwww.teaparty.org%252Ff1cdcd3b0357598%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
  • https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Request Chain 98
  • https://www.facebook.com/plugins/comments.php?app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df3cc7a2e7ebe828%26domain%3Dwww.teaparty.org%26origin%3Dhttps%253A%252F%252Fwww.teaparty.org%252Ff1cdcd3b0357598%26relation%3Dparent.parent&color_scheme=light&container_width=600&height=100&href=https%3A%2F%2Fwww.teaparty.org%2Fcanadian-man-fined-55k-misgendering-transgender-female-355541%2F&locale=en_US&mobile=false&sdk=joey&skin=light HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df3cc7a2e7ebe828%26domain%3Dwww.teaparty.org%26origin%3Dhttps%253A%252F%252Fwww.teaparty.org%252Ff1cdcd3b0357598%26relation%3Dparent.parent&color_scheme=light&container_width=600&height=100&href=https%3A%2F%2Fwww.teaparty.org%2Fcanadian-man-fined-55k-misgendering-transgender-female-355541%2F&locale=en_US&mobile=false&sdk=joey&skin=light
Request Chain 110
  • http://ectuerpartie.tk/index/?4831537102803 HTTP 301
  • https://now.daphnesik.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=lucasartsdesign
Request Chain 113
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9204 HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9204
Request Chain 114
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4548 HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4548
Request Chain 115
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4549 HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4549
Request Chain 116
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4358 HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4358
Request Chain 117
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9151 HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9151
Request Chain 118
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9155 HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9155
Request Chain 120
  • https://now.daphnesik.icu/proc.php?40d4086cd02f1d4c8456231e0db1cfaaba937b81 HTTP 302
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608
Request Chain 122
  • https://up.trkgenius.com/out.php?v=a4a4fcb0580c0c89752f37cad98a5d63 HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=d0ce62a1387c4fc8235bff3bf2ec5f9b&ext1=dvx
Request Chain 126
  • http://trk.vmwwtracking.com/aff_c?offer_id=1135&aff_id=1695&file_id=8949&source=M2019041012-a27a18264287f678de7fb8ae659c55ae&aff_sub=185392&firstname={firstname}&lastname={lastname}&email={email} HTTP 302
  • https://mango.trkpre.com/click/LP8jjtElnx?cid=102d4ef72911b46580019095f6e728&sub-id=1695&sub-id2=&firstname={firstname}&lastname={lastname}&mail={email}&title={title} HTTP 302
  • https://mango.trkpre.com/main/d.php?s=1&link=http%3A%2F%2Fmein-babypaket.com%3FPR_ID%3DAF-gmp118-8597%26token-id%3DP8jjtElnTV-5cade669e4c61b5ed102806c%26sub-id%3D%26sub-id2%3D%26sub-id%3D1695%26sub-id2%3D%26firstname%3D%257Bfirstname%257D%26lastname%3D%257Blastname%257D%26mail%3D%257Bemail%257D%26title%3D%257Btitle%257D%26ept2%3Da41316bd-aee7-470e-87bd-4921f3189d10

145 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
75 KB
18 KB
Document
General
Full URL
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0dcd8bc8579c3d7ed993cf29aa4c84d46685d707a74cb2f8456b0a4db50cb7

Request headers

:method
GET
:authority
www.teaparty.org
:scheme
https
:path
/canadian-man-fined-55k-misgendering-transgender-female-355541/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 10 Apr 2019 12:49:41 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; expires=Thu, 09-Apr-20 12:49:40 GMT; path=/; domain=.teaparty.org; HttpOnly X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C; path=/
vary
Accept-Encoding
cache-control
max-age=3600
x-cache
cached
x-pingback
https://www.teaparty.org/xmlrpc.php
link
<https://www.teaparty.org/wp-json/>; rel="https://api.w.org/" <https://www.teaparty.org/?p=355541>; rel=shortlink
expires
Wed, 10 Apr 2019 13:25:44 GMT
age
1437
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4c54d794ccc8c2c4-FRA
content-encoding
gzip
bootstrap.min.css
www.teaparty.org/wp-content/themes/teaparty/css/
98 KB
17 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/css/bootstrap.min.css
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Request headers

:path
/wp-content/themes/teaparty/css/bootstrap.min.css
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
cached
status
200
x-cache-info
caching
content-length
17162
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"18679-5492ab0b22f1f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d79809b8c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
jquery.fancybox.css
www.teaparty.org/wp-content/themes/teaparty/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/css/jquery.fancybox.css
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

:path
/wp-content/themes/teaparty/css/jquery.fancybox.css
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=4895
x-cache
cached
status
200
x-cache-info
caching
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
W/"131f-5492ab0b23307-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d79809bac2c4-FRA
cf-bgj
minify
5a43e2b213f050433847cad2
api.pushnami.com/scripts/v1/pushnami-adv/
26 KB
7 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5a43e2b213f050433847cad2
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.100 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-100.fra50.r.cloudfront.net
Software
/
Resource Hash
6d32bfb24381e7f3dcdaf400e5e1c6dbfb70b09a271e475743f8f9c1d13cf042

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:45:32 GMT
content-encoding
gzip
age
249
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache
x-amz-cf-id
AfEGd_qgEQwxJMDKujvvMeHL6Ui-GdGIs31J3MpFFe45VTHtnufw6A==
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
wp-emoji-release.min.js
www.teaparty.org/wp-includes/js/
11 KB
4 KB
Script
General
Full URL
https://www.teaparty.org/wp-includes/js/wp-emoji-release.min.js?ver=4.7.3
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=4.7.3
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
uncached
status
200
content-length
4230
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"2c96-5492ab0b4c34b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d7983a75c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
validationEngine.jquery.css
www.teaparty.org/wp-content/plugins/wysija-newsletters/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/plugins/wysija-newsletters/css/validationEngine.jquery.css?ver=2.7.5
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbdd54fc29479aa22c3a6622a9259e560702c3fc66835578dab936308611fbc7

Request headers

:path
/wp-content/plugins/wysija-newsletters/css/validationEngine.jquery.css?ver=2.7.5
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=4685
x-cache
cached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
W/"124d-5492ab0af682b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798bca9c2c4-FRA
cf-bgj
minify
jellyfish-counter.css
www.teaparty.org/wp-content/plugins/jellyfish-counter-widget/jellyfish-odometer-class/css/
1 KB
572 B
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/plugins/jellyfish-counter-widget/jellyfish-odometer-class/css/jellyfish-counter.css?ver=4.7.3
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f5690795c94dbda993b45502887298c1e0fcb304d0740bdb78445812e879d4

Request headers

:path
/wp-content/plugins/jellyfish-counter-widget/jellyfish-odometer-class/css/jellyfish-counter.css?ver=4.7.3
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=1864
x-cache
uncached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
W/"748-5492ab0a3fe3a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798bcaac2c4-FRA
cf-bgj
minify
styles.css
www.teaparty.org/wp-content/plugins/contact-form-7/includes/css/
1 KB
678 B
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2810c25d2c5bb556a47609c0869ddc92d7df222eb58b5260bacd8ab798569ee

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=1584
x-cache
uncached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
W/"630-5492ab0a1911f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798bcabc2c4-FRA
cf-bgj
minify
style.css
www.teaparty.org/wp-content/plugins/wp-post-navigation/
777 B
413 B
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/plugins/wp-post-navigation/style.css?ver=4.7.3
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50dc85c34ee90310850b08a9846d30ce1ad1aa843e7fb06808574f650dff68cd

Request headers

:path
/wp-content/plugins/wp-post-navigation/style.css?ver=4.7.3
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=921
x-cache
cached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
W/"399-5492ab0af317b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798bcaec2c4-FRA
cf-bgj
minify
style.css
www.teaparty.org/wp-content/plugins/yuzo-related-post/assets/css/
9 KB
1 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/plugins/yuzo-related-post/assets/css/style.css?ver=5.12.68
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c32339f2b53b94685c47decc940ccfb07e6dab530e38713d409cedc8a44470d

Request headers

:path
/wp-content/plugins/yuzo-related-post/assets/css/style.css?ver=5.12.68
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=11480
x-cache
cached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
W/"2cd8-5492ab0b17f56-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798bcafc2c4-FRA
cf-bgj
minify
frontend.css
www.teaparty.org/wp-content/plugins/download-monitor/assets/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/plugins/download-monitor/assets/css/frontend.css?ver=4.7.3
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d69fb19a4d8ec51f92e20c0c6f682c41316545595166bb040736b143b001d5a

Request headers

:path
/wp-content/plugins/download-monitor/assets/css/frontend.css?ver=4.7.3
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
cached
status
200
cf-bgj
minify
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
W/"13e5-5492ab0a1b82f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536011
cf-ray
4c54d798bcb0c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
css
fonts.googleapis.com/
5 KB
633 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
86bff290c65ba257fe76fdf1b17fe8cb104b386fd6733f7cea38a3c92bb384d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 10 Apr 2019 12:49:41 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 10 Apr 2019 12:49:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Wed, 10 Apr 2019 12:49:41 GMT
genericons.css
www.teaparty.org/wp-content/themes/teaparty/genericons/
20 KB
12 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/genericons/genericons.css?ver=20180131
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
711be9eae8b0f5f74799bdb32d514904b0926e74961bfddc70a0911bd383c5c0

Request headers

:path
/wp-content/themes/teaparty/genericons/genericons.css?ver=20180131
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=22680
x-cache
cached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
W/"5898-5492ab0b23ad8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798bcb4c2c4-FRA
cf-bgj
minify
style.css
www.teaparty.org/wp-content/themes/teaparty/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f8846c97890489c47275abcac54342e7f44b46f8cad5ff204d2b1bdd8d09cf

Request headers

:path
/wp-content/themes/teaparty/style.css?ver=20180131
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=44542
x-cache
uncached
status
200
pragma
public
last-modified
Fri, 28 Jul 2017 20:32:10 GMT
server
cloudflare
etag
W/"adfe-5556693547a9b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798bcb8c2c4-FRA
cf-bgj
minify
app.css
www.teaparty.org/wp-content/themes/teaparty/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/assets/css/app.css?ver=20180131
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0842f3311263f7d820d9300a2874d28faa2d4e4fc87a00306c453d316fba98

Request headers

:path
/wp-content/themes/teaparty/assets/css/app.css?ver=20180131
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
uncached
status
200
cf-bgj
minify
pragma
public
last-modified
Tue, 19 Sep 2017 22:08:07 GMT
server
cloudflare
etag
W/"107f-55992181225eb-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536011
cf-ray
4c54d798bcb9c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
fbseo-style.css
www.teaparty.org/wp-content/plugins/seo-facebook-comments/assets/
158 B
254 B
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/plugins/seo-facebook-comments/assets/fbseo-style.css?ver=4.7.3
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11ca23f7061b98c093a671a87e2ac4094540570cfdc2d3d84bd3a06f766a013

Request headers

:path
/wp-content/plugins/seo-facebook-comments/assets/fbseo-style.css?ver=4.7.3
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=872
x-cache
cached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
W/"368-5492ab0a41d7b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798ccbcc2c4-FRA
cf-bgj
minify
jquery.js
www.teaparty.org/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://www.teaparty.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=97184
x-cache
cached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
W/"17ba0-5492ab0b43a92-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798cceac2c4-FRA
cf-bgj
minify
jquery-migrate.min.js
www.teaparty.org/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.teaparty.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
cached
status
200
content-length
4014
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"2748-5492ab0b436aa-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d798ccefc2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
compat.min.js
www.teaparty.org/wp-content/plugins/thrive-visual-editor/editor/js/
107 B
180 B
Script
General
Full URL
https://www.teaparty.org/wp-content/plugins/thrive-visual-editor/editor/js/compat.min.js?ver=1.500.6
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
787932f10fba4dd5e31a27057d538d7bd7cbf7836311b4fb9ec234a2839122d3

Request headers

:path
/wp-content/plugins/thrive-visual-editor/editor/js/compat.min.js?ver=1.500.6
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
uncached
status
200
content-length
97
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
"6b-5492ab0a92a7a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d798ccf9c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
css
fonts.googleapis.com/
3 KB
544 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:400,700
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
bb5608a893aec2a0508df7d4433990f7e8e413873c081e503397622fecb33853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 10 Apr 2019 12:49:41 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 10 Apr 2019 12:49:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Wed, 10 Apr 2019 12:49:41 GMT
css
fonts.googleapis.com/
7 KB
678 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,700
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2854d1a7a60eaaf973f850aa7303ac2705a26f92011281ac9b41b684796ed5c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 10 Apr 2019 12:49:41 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 10 Apr 2019 12:49:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Wed, 10 Apr 2019 12:49:41 GMT
css
fonts.googleapis.com/
8 KB
694 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
30f732659266c40ba78d7b0ca00d5e9fb5514a8eceb5a93a9c4f71d2d3518eac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 10 Apr 2019 12:49:41 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 10 Apr 2019 12:49:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Wed, 10 Apr 2019 12:49:41 GMT
addthis_widget.js
s7.addthis.com/js/300/
344 KB
110 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.23.104.167 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-23-104-167.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
surrogate-key
client_dist
last-modified
Thu, 28 Feb 2019 14:32:49 GMT
etag
"5c77f111-561d6"
vary
Accept-Encoding
x-distribution
99
cache-tag
client_dist
status
200
cache-control
public, max-age=600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-type
application/javascript
logo.png
www.teaparty.org/wp-content/themes/teaparty/images/
63 KB
63 KB
Image
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/images/logo.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
112598aec18a565ba20e3b8e98effb939ac9a44b2030966dc54de7167d16cb7c

Request headers

:path
/wp-content/themes/teaparty/images/logo.png
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=106821
x-cache
cached
status
200
x-cache-info
cached
content-disposition
inline; filename="logo.webp"
content-length
64462
pragma
public
last-modified
Wed, 26 Apr 2017 18:15:50 GMT
server
cloudflare
etag
"1a145-54e15d48e3f4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 09 Apr 2020 12:49:42 GMT
cache-control
public, max-age=31536001
accept-ranges
bytes
cf-ray
4c54d798ccfdc2c4-FRA
cf-bgj
imgq:100
social-fb.png
www.teaparty.org/wp-content/themes/teaparty/images/
198 B
445 B
Image
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/images/social-fb.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb1d8981cdd6614ba3bea139efa8cea96c41f10684c165259ad0843b4d0bc90e

Request headers

:path
/wp-content/themes/teaparty/images/social-fb.png
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
cf-polished
origSize=2868, status=webp_bigger
x-cache
cached
status
200
x-cache-info
caching
content-length
198
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"b34-5492ab0b288f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 09 Apr 2020 12:49:42 GMT
cache-control
public, max-age=31536001
accept-ranges
bytes
cf-ray
4c54d798cd01c2c4-FRA
cf-bgj
imgq:100
social-twitter.png
www.teaparty.org/wp-content/themes/teaparty/images/
396 B
613 B
Image
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/images/social-twitter.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c369d7f71ddeac7e19c0d0e33f1fc6263467b693bfb84cbb336f0977119247e5

Request headers

:path
/wp-content/themes/teaparty/images/social-twitter.png
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
cf-polished
origSize=3112, status=webp_bigger
x-cache
cached
status
200
x-cache-info
caching
content-length
396
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"c28-5492ab0b288f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 09 Apr 2020 12:49:42 GMT
cache-control
public, max-age=31536001
accept-ranges
bytes
cf-ray
4c54d7992ed9c2c4-FRA
cf-bgj
imgq:100
social-gplus.png
www.teaparty.org/wp-content/themes/teaparty/images/
445 B
556 B
Image
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/images/social-gplus.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d8fc1cc14db8f9ebd14638b0530030bb3c7d1dab71f5e0ec558a6594658cd4

Request headers

:path
/wp-content/themes/teaparty/images/social-gplus.png
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
cf-polished
origSize=3143, status=webp_bigger
x-cache
uncached
status
200
x-cache-info
caching
content-length
445
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"c47-5492ab0b288f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 09 Apr 2020 12:49:42 GMT
cache-control
public, max-age=31536001
accept-ranges
bytes
cf-ray
4c54d7992edbc2c4-FRA
cf-bgj
imgq:100
widgets.js
platform.twitter.com/
93 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:40:21 GMT
Server
ECS (fcn/40E2)
Etag
"4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28028
addthis_widget.js
s7.addthis.com/js/250/
344 KB
110 KB
Script
General
Full URL
https://s7.addthis.com/js/250/addthis_widget.js
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.23.104.167 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-23-104-167.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
surrogate-key
client_dist
last-modified
Thu, 28 Feb 2019 14:32:49 GMT
etag
"5c77f111-561d6"
vary
Accept-Encoding
x-distribution
99
cache-tag
client_dist
status
200
cache-control
public, max-age=600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-type
application/javascript
jquery.fancybox.pack.js
www.teaparty.org/wp-content/themes/teaparty/js/
23 KB
8 KB
Script
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/js/jquery.fancybox.pack.js
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac49bec33974b027f5e08c4a7e40a76dca5d3d855b5d260c6eb2e9bdd67e9e

Request headers

:path
/wp-content/themes/teaparty/js/jquery.fancybox.pack.js
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=23135
x-cache
cached
status
200
x-cache-info
caching
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
W/"5a5f-5492ab0b294b0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798fdffc2c4-FRA
cf-bgj
minify
bootstrap.min.js
www.teaparty.org/wp-content/themes/teaparty/js/
28 KB
8 KB
Script
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/js/bootstrap.min.js
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e59731a05ac4ea5c4df6a4a3b36107d9ec13c08bb59857fd6b71868f1e8f0115

Request headers

:path
/wp-content/themes/teaparty/js/bootstrap.min.js
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
uncached
status
200
x-cache-info
caching
content-length
7684
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"71bb-5492ab0b290c8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d7992eb8c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
thrive_flat.css
www.teaparty.org/wp-content/plugins/thrive-visual-editor/editor/css/
239 KB
31 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=1.500.6
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36bfaa5303a852966e6cb9f5d932b7e1a133856464a6d3552822d529cc33dd1

Request headers

:path
/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=1.500.6
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=246610
x-cache
uncached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
W/"3c352-5492ab0a9036a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798cd02c2c4-FRA
cf-bgj
minify
frontend.css
www.teaparty.org/wp-content/plugins/thrive-leads/editor-layouts/css/
64 KB
6 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/plugins/thrive-leads/editor-layouts/css/frontend.css?ver=1.95.6
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e313d3a35d56857de57058e3f0417533c54d66a4847c72638d4f82f7f524803

Request headers

:path
/wp-content/plugins/thrive-leads/editor-layouts/css/frontend.css?ver=1.95.6
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=65713
x-cache
uncached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
W/"100b1-5492ab0a4e4b4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798cd08c2c4-FRA
cf-bgj
minify
blank_set.css
www.teaparty.org/wp-content/plugins/thrive-leads/editor-templates/_form_css/
12 KB
2 KB
Stylesheet
General
Full URL
https://www.teaparty.org/wp-content/plugins/thrive-leads/editor-templates/_form_css/blank_set.css?ver=1.95.6
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16de38d22e3f5fc336e40b41fa1fe872224f3cd43e664683fcaf286bc3e82235

Request headers

:path
/wp-content/plugins/thrive-leads/editor-templates/_form_css/blank_set.css?ver=1.95.6
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=12524
x-cache
cached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
W/"30ec-5492ab0a503f4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d798cd0bc2c4-FRA
cf-bgj
minify
jquery.form.min.js
www.teaparty.org/wp-content/plugins/contact-form-7/includes/js/
15 KB
6 KB
Script
General
Full URL
https://www.teaparty.org/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
cached
status
200
content-length
5860
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
"3b90-5492ab0a198ef-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d7992ebac2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
scripts.js
www.teaparty.org/wp-content/plugins/contact-form-7/includes/js/
10 KB
3 KB
Script
General
Full URL
https://www.teaparty.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
701320ad0e56e545c115bffe4bba636e0979d20cec4f2e7f2036af15cb9cefd4

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=12106
x-cache
cached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
W/"2f4a-5492ab0a198ef-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d7992ebec2c4-FRA
cf-bgj
minify
yuzo-postviews-cache.js
www.teaparty.org/wp-content/plugins/yuzo-related-post/assets/js/
216 B
299 B
Script
General
Full URL
https://www.teaparty.org/wp-content/plugins/yuzo-related-post/assets/js/yuzo-postviews-cache.js?ver=5.12.68
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
810399a59de3d8605cd7822be23f95793bcaaac487f16174d4e29a37b6cbe77f

Request headers

:path
/wp-content/plugins/yuzo-related-post/assets/js/yuzo-postviews-cache.js?ver=5.12.68
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=240
x-cache
cached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
W/"f0-5492ab0b2274f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d7992ec2c2c4-FRA
cf-bgj
minify
jquery.equalizer.js
www.teaparty.org/wp-content/plugins/yuzo-related-post/assets/js/
3 KB
1 KB
Script
General
Full URL
https://www.teaparty.org/wp-content/plugins/yuzo-related-post/assets/js/jquery.equalizer.js?ver=5.12.68
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f55eecdb048ac1246ffa57316474b098aa470a3eccbaa0b11a33af918f15bb8

Request headers

:path
/wp-content/plugins/yuzo-related-post/assets/js/jquery.equalizer.js?ver=5.12.68
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=6431
x-cache
uncached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
W/"191f-5492ab0b2274f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d7992ec3c2c4-FRA
cf-bgj
minify
imagesloaded.min.js
www.teaparty.org/wp-includes/js/
8 KB
3 KB
Script
General
Full URL
https://www.teaparty.org/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
854d677b850907cd851eac7e3f02f05a1e056f05bd5563199c5d93044ff16840

Request headers

:path
/wp-includes/js/imagesloaded.min.js?ver=3.2.0
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
cached
status
200
content-length
2477
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"1f3a-5492ab0b42eda-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d7992ec4c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
masonry.min.js
www.teaparty.org/wp-includes/js/
28 KB
8 KB
Script
General
Full URL
https://www.teaparty.org/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ca3e467b7d4d6b403aa4619019d9250b11449c8ee9c91c90bcbc9acdd64fea2

Request headers

:path
/wp-includes/js/masonry.min.js?ver=3.3.2
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
uncached
status
200
content-length
8525
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"711a-5492ab0b459d3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d7992ec5c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
jquery.masonry.min.js
www.teaparty.org/wp-includes/js/jquery/
2 KB
848 B
Script
General
Full URL
https://www.teaparty.org/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

:path
/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
cached
status
200
content-length
716
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"71b-5492ab0b43a92-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d7992ec6c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
functions.js
www.teaparty.org/wp-content/themes/teaparty/js/
2 KB
989 B
Script
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/js/functions.js?ver=20180131
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb677641caf412c077356f6355bc5d3bbfc6380ba9f835e07e1f182cf04c356

Request headers

:path
/wp-content/themes/teaparty/js/functions.js?ver=20180131
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=3380
x-cache
uncached
status
200
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
W/"d34-5492ab0b290c8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d7992ecac2c4-FRA
cf-bgj
minify
app.js
www.teaparty.org/wp-content/themes/teaparty/assets/js/
32 KB
3 KB
Script
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/assets/js/app.js?ver=20180131
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e6d7765988a82de04c32036cd1ac72b596dcba8c6dbb0e673e8ffcfce9341d8

Request headers

:path
/wp-content/themes/teaparty/assets/js/app.js?ver=20180131
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=32357
x-cache
uncached
status
200
pragma
public
last-modified
Thu, 05 Oct 2017 19:17:08 GMT
server
cloudflare
etag
W/"7e65-55ad1920c42d7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
expires
Thu, 09 Apr 2020 12:49:52 GMT
cache-control
public, max-age=31536011
cf-ray
4c54d7992ecbc2c4-FRA
cf-bgj
minify
frontend.min.js
www.teaparty.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/
898 B
613 B
Script
General
Full URL
https://www.teaparty.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=1.0.33
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e14dee1db7f8ce563e1560e4c71e47bf5329247aac33363fc076784a4864f798

Request headers

:path
/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=1.0.33
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
cached
status
200
content-length
521
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"382-5492ab0ac04f6-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d7992ecec2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
wp-embed.min.js
www.teaparty.org/wp-includes/js/
1 KB
836 B
Script
General
Full URL
https://www.teaparty.org/wp-includes/js/wp-embed.min.js?ver=4.7.3
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=4.7.3
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
cached
status
200
content-length
751
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"576-5492ab0b4c34b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d7992ed0c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
thrive_content_builder_frontend.min.js
www.teaparty.org/wp-content/plugins/thrive-visual-editor/editor/js/
36 KB
11 KB
Script
General
Full URL
https://www.teaparty.org/wp-content/plugins/thrive-visual-editor/editor/js/thrive_content_builder_frontend.min.js?ver=1.500.6
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fae244ce24caf95c958502ccb0a8c15b845d059ddaa93b2e549f5b9e4cee6817

Request headers

:path
/wp-content/plugins/thrive-visual-editor/editor/js/thrive_content_builder_frontend.min.js?ver=1.500.6
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
cached
status
200
content-length
10737
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
"905c-5492ab0a93a1a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d7992ed4c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
frontend.min.js
www.teaparty.org/wp-content/plugins/thrive-leads/js/
20 KB
5 KB
Script
General
Full URL
https://www.teaparty.org/wp-content/plugins/thrive-leads/js/frontend.min.js?ver=1.95.6
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0734676e0ee7d4c3dd7f42a8573769a79b89ea657df3e8f8864c6ae035c27ed7

Request headers

:path
/wp-content/plugins/thrive-leads/js/frontend.min.js?ver=1.95.6
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
uncached
status
200
content-length
5173
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:04 GMT
server
cloudflare
etag
"50f1-5492ab0a634a6-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536011
accept-ranges
bytes
cf-ray
4c54d7992ed7c2c4-FRA
expires
Thu, 09 Apr 2020 12:49:52 GMT
badge.gif
static.getclicky.com/media/links/
241 B
351 B
Image
General
Full URL
https://static.getclicky.com/media/links/badge.gif
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Apr 2016 00:13:35 GMT
server
cloudflare
etag
"570d8f2f-f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=604800
x-proxy-cache
HIT
accept-ranges
bytes
cf-ray
4c54d7996ed76457-FRA
content-length
241
expires
Wed, 17 Apr 2019 12:49:41 GMT
js
static.getclicky.com/
15 KB
6 KB
Script
General
Full URL
https://static.getclicky.com/js
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf0fdaf39995776ab355a621c66e0ba2da52f8f3a55b1b859eeb8eab2ca644b

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=604800
cf-ray
4c54d7996ed66457-FRA
x-proxy-cache
HIT
expires
Wed, 17 Apr 2019 12:49:41 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
3765
date
Wed, 10 Apr 2019 11:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Wed, 10 Apr 2019 13:46:56 GMT
danaton3.html
static-42andpark-com.s3.amazonaws.com/html/ Frame 3EE6
0
0
Document
General
Full URL
https://static-42andpark-com.s3.amazonaws.com/html/danaton3.html?adname=&adid=
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.128.134 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Host
static-42andpark-com.s3.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/

Response headers

x-amz-id-2
82F6hRlRLWU5dSKpv4sLCJVnlx/5xoicdiN0C0rVuNlyXnjwI8VJKlUyrchUta+yvmZKLx5BEaA=
x-amz-request-id
1D98D72E418FE588
Date
Wed, 10 Apr 2019 12:49:42 GMT
Last-Modified
Thu, 03 Aug 2017 13:31:36 GMT
ETag
"1f35b7c6001c901536eca5ac749d5118"
x-amz-meta-cb-modifiedtime
Thu, 03 Aug 2017 13:31:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
2749
Server
AmazonS3
ad-300x250.png
static-42andpark-com.s3-us-west-2.amazonaws.com/ads/
171 B
575 B
Image
General
Full URL
https://static-42andpark-com.s3-us-west-2.amazonaws.com/ads/ad-300x250.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.201.137 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:42 GMT
Last-Modified
Sun, 25 Nov 2018 19:40:39 GMT
Server
AmazonS3
x-amz-request-id
D9CA1172134A4665
ETag
"c0a02179badbd76fcc8df4269d1e8473"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
171
x-amz-id-2
9VPjp0P41FwmNFnEZFFNgelvTfzvdE6L5lJcoXcAOL3d6f+Tylk10H9paVEUy97MhVyaZIMs0Z8=
x-amz-meta-s3b-last-modified
20181125T192628Z
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1131064787&t=pageview&_s=1&dl=https%3A%2F%2Fwww.teaparty.org%2Fcanadian-man-fined-55k-misgendering-transgender-female-355541%2F&ul=en-us&de=U...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32522776-1&cid=466962041.1554900581&jid=815112600&_gid=823933487.1554900581&gjid=491281373&_v=j73&z=2083772735
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32522776-1&cid=466962041.1554900581&jid=815112600&_gid=823933487.1554900581&gjid=491281373&_v=j73&z=2083772735
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Wed, 10 Apr 2019 12:49:41 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Apr 2019 12:49:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32522776-1&cid=466962041.1554900581&jid=815112600&_gid=823933487.1554900581&gjid=491281373&_v=j73&z=2083772735
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/
43 KB
11 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
97fe7b6c82efcdb3e6ad524fd4e85f82bdc048d4dccaf642d597967c0b0bb9c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"131 / 393 of 1000 / last-modified: 1554846738"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
11297
x-xss-protection
0
expires
Wed, 10 Apr 2019 12:49:41 GMT
fbevents.js
connect.facebook.net/en_US/
53 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
wPzmurBeu9KFgbU0l294rirqJkQGTlIw5uTlpWli9l+aTJ3isFsvpe1H3rWR+Djxppt2bWKLav2Vxq6y3Er44w==
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Apr 2019 12:49:41 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
15397
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg-header.jpg
www.teaparty.org/wp-content/themes/teaparty/images/
20 KB
20 KB
Image
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/images/bg-header.jpg
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb62874250c2fe9ab6da9a15aa3ebd9f9c18149fce3e30cc18c8c704c0e5c58

Request headers

:path
/wp-content/themes/teaparty/images/bg-header.jpg
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
:scheme
https
:method
GET
Referer
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
cf-polished
origSize=32492, status=webp_bigger
x-cache
uncached
status
200
x-cache-info
caching
content-length
20590
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"7eec-5492ab0b265d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 09 Apr 2020 12:49:42 GMT
cache-control
public, max-age=31536001
accept-ranges
bytes
cf-ray
4c54d799e9f9c2c4-FRA
cf-bgj
imgq:100
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v17/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v17/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300
Origin
https://www.teaparty.org

Response headers

date
Mon, 25 Mar 2019 20:28:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:41 GMT
server
sffe
age
1354875
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11052
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:28:26 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v17/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v17/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300
Origin
https://www.teaparty.org

Response headers

date
Mon, 25 Mar 2019 20:23:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:46 GMT
server
sffe
age
1355180
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10968
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:23:21 GMT
bill-whatcott-returns-to-u-of-r-campus_zpsraf2bpvt-1200x630.jpg
www.teaparty.org/wp-content/uploads/2019/04/
152 KB
152 KB
Image
General
Full URL
https://www.teaparty.org/wp-content/uploads/2019/04/bill-whatcott-returns-to-u-of-r-campus_zpsraf2bpvt-1200x630.jpg
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd1d271d229741cbc5e2630483f9926c398cb76c343090232cdf8560a7a5968

Request headers

:path
/wp-content/uploads/2019/04/bill-whatcott-returns-to-u-of-r-campus_zpsraf2bpvt-1200x630.jpg
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:scheme
https
:method
GET
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
cf-polished
origSize=166871, status=webp_bigger
x-cache
uncached
status
200
x-cache-info
caching
content-length
155645
pragma
public
last-modified
Sun, 07 Apr 2019 21:05:17 GMT
server
cloudflare
etag
"28bd7-585f713aeb94d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 09 Apr 2020 12:49:42 GMT
cache-control
public, max-age=31536001
accept-ranges
bytes
cf-ray
4c54d79a0a97c2c4-FRA
cf-bgj
imgq:100
facebookIcon.png
www.teaparty.org/wp-content/themes/teaparty/images/
281 B
469 B
Image
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/images/facebookIcon.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32fe96cfa3a9f406d692ea1a3843913667053d186916604fd1b15c3049750841

Request headers

:path
/wp-content/themes/teaparty/images/facebookIcon.png
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
:scheme
https
:method
GET
Referer
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
cf-polished
origSize=3545, status=webp_bigger
x-cache
uncached
status
200
x-cache-info
caching
content-length
281
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"dd9-5492ab0b269b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 09 Apr 2020 12:49:42 GMT
cache-control
public, max-age=31536001
accept-ranges
bytes
cf-ray
4c54d79a0a98c2c4-FRA
cf-bgj
imgq:100
twitterIcon.png
www.teaparty.org/wp-content/themes/teaparty/images/
509 B
618 B
Image
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/images/twitterIcon.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9277dad142d8ccd1fa7de77c1736f12235737db2c8abaf45fc76a9e80490a0

Request headers

:path
/wp-content/themes/teaparty/images/twitterIcon.png
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
:scheme
https
:method
GET
Referer
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
cf-polished
origSize=3814, status=webp_bigger
x-cache
uncached
status
200
x-cache-info
caching
content-length
509
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"ee6-5492ab0b28ce0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 09 Apr 2020 12:49:42 GMT
cache-control
public, max-age=31536001
accept-ranges
bytes
cf-ray
4c54d79a0a99c2c4-FRA
cf-bgj
imgq:100
googleplusIcon.png
www.teaparty.org/wp-content/themes/teaparty/images/
632 B
776 B
Image
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/images/googleplusIcon.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5be85ea09e74c49b5d4833b08ed3f94bac45011135734120a75baf512c594d

Request headers

:path
/wp-content/themes/teaparty/images/googleplusIcon.png
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
:scheme
https
:method
GET
Referer
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
cf-polished
origSize=3989, status=webp_bigger
x-cache
uncached
status
200
x-cache-info
caching
content-length
632
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"f95-5492ab0b269b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 09 Apr 2020 12:49:42 GMT
cache-control
public, max-age=31536001
accept-ranges
bytes
cf-ray
4c54d79a0a9ac2c4-FRA
cf-bgj
imgq:100
sendemail.png
www.teaparty.org/wp-content/themes/teaparty/images/
344 B
453 B
Image
General
Full URL
https://www.teaparty.org/wp-content/themes/teaparty/images/sendemail.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
63043180f65203c54dcc9c0f283788ad78fe291209b96dcd2367bc3420cbadc3

Request headers

:path
/wp-content/themes/teaparty/images/sendemail.png
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.teaparty.org
referer
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
:scheme
https
:method
GET
Referer
https://www.teaparty.org/wp-content/themes/teaparty/style.css?ver=20180131
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
HIT
cf-polished
origSize=3630, status=webp_bigger
x-cache
uncached
status
200
x-cache-info
caching
content-length
344
pragma
public
last-modified
Thu, 23 Feb 2017 04:03:05 GMT
server
cloudflare
etag
"e2e-5492ab0b288f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 09 Apr 2020 12:49:42 GMT
cache-control
public, max-age=31536001
accept-ranges
bytes
cf-ray
4c54d79a0a9bc2c4-FRA
cf-bgj
imgq:100
1094491430591707
connect.facebook.net/signals/config/
174 KB
42 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1094491430591707?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a9364847832364dc12174d40cd5b3074be46c3a4f17ba7f28fd3207640065746
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
42681
x-xss-protection
0
pragma
public
x-fb-debug
YUoj/ZJlT+3UJBRBzbyxEw01dkSXRFvt6GGLoT9UTeap4fcx0HAFjY0yiL4Pjj1r3+HeGEsmH4t2siRi/YcgiQ==
date
Wed, 10 Apr 2019 12:49:41 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.teaparty.org
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.teaparty.org
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019032901.js
securepubads.g.doubleclick.net/gpt/
158 KB
57 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019032901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
sffe /
Resource Hash
43001733235888c4a12ee8147a20fb01643d6be427b730fc021e0b04a111abf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Mar 2019 14:59:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
58393
x-xss-protection
0
expires
Wed, 10 Apr 2019 12:49:41 GMT
lock-em-up-survey
campaigns.teaparty.org/ Frame F253
54 KB
15 KB
Document
General
Full URL
https://campaigns.teaparty.org/lock-em-up-survey
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 5.2.3
Resource Hash
debda053221dfc71da7827c79c0bb30ea79a8509d58b2fd862efd086c2b7a20f
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

:method
GET
:authority
campaigns.teaparty.org
:scheme
https
:path
/lock-em-up-survey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
accept-encoding
gzip, deflate, br
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/

Response headers

status
200 200 OK
date
Wed, 10 Apr 2019 12:49:41 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 06 Feb 2019 04:36:47 GMT
cache-control
max-age=60, public, s-maxage=15552000, r-maxage=10
x-request-id
2570977c-9b00-451a-b306-4f2e04376883
x-content-digest
3a5963eedee10e7b05f92c9b12aa670082f29150
x-frame-options
ALLOWALL
x-runtime
1.005888
x-rack-cache
stale, valid, store
x-powered-by
Phusion Passenger Enterprise 5.2.3
via
1.1 vegur
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
set-cookie
__cf_bm=8953ca6c8e957153ade227676a3c307baf50eb7a-1554900581-1800-Acc16WvmhYE7ZF426nEtqyD4YNu86dOTvNSj74zBN7/rPyWg8D4w3SfqMCZilCHVZRur/Bmu+tiz1t8+vKsGZbY=; path=/; expires=Wed, 10-Apr-19 13:19:41 GMT; domain=.campaigns.teaparty.org; HttpOnly
server
cloudflare
cf-ray
4c54d79aca766415-FRA
content-encoding
br
EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
fonts.gstatic.com/s/ptserif/v10/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v10/EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=PT+Serif:400,700
Origin
https://www.teaparty.org

Response headers

date
Sun, 10 Mar 2019 02:02:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:32:54 GMT
server
sffe
age
2717244
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13372
x-xss-protection
1; mode=block
expires
Mon, 09 Mar 2020 02:02:17 GMT
EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v10/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v10/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=PT+Serif:400,700
Origin
https://www.teaparty.org

Response headers

date
Fri, 08 Mar 2019 21:30:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:33:41 GMT
server
sffe
age
2819961
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13280
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 21:30:20 GMT
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2c3addddfc6143973b34342cbe6635f0a46818d088d08abbd77bbd1477113e1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1ewEa676zKZGCUJEzx5WYA==
status
200
date
Wed, 10 Apr 2019 12:49:41 GMT
vary
Accept-Encoding
content-length
1779
x-fb-debug
5t85+PBHnlYfGog+ziS4sKpF0hC9OgxXUjhpY1gM/qHfj9qvhmAtZiReel3iCK/UQtM2ud6joq0iMd8sTFzS3A==
x-fb-content-md5
46f61aec34771267b4345ecf6b1ce399
etag
"16d8a0bd41f12f51cf8678395efc3147"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Apr 2019 12:54:27 GMT
all.js
connect.facebook.net/en_US/
186 KB
55 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=9a8815e2742587bc0f56eed9a3b2ccaa&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
842bb8073670b72e2a266690324e47f9ac2316fa49bb4405b052c384e193d9fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Origin
https://www.teaparty.org

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
LTcDB+1VN9fqE3YIfL7FYg==
status
200
date
Wed, 10 Apr 2019 12:49:41 GMT
vary
Accept-Encoding
content-length
56135
x-fb-debug
PEvOiJtZ/feGQWFC19j/eBOwgzLiEslZT5cmaCIT8ocP35f/EWOjDgw24IX9RCXZcZuUi/nnNxbPJVd/Ax8iDg==
x-fb-content-md5
5620732c079cbb9d5bc09e6d0adc76db
etag
"1b83db764560e03ba1a23a08445148c7"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 09 Apr 2020 09:51:57 GMT
counter
hellofromhony.org/
22 KB
4 KB
Script
General
Full URL
https://hellofromhony.org/counter
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.123.9.53 Chisinau, Moldova, ASN200019 (ASCLOUDATA, MD),
Reverse DNS
regluing.org
Software
nginx / PHP/5.6.40
Resource Hash
97c6d8dc5b926a5ffef6a8d861fff2e59edf798799b83d37950cd11b6560445e

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:41 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=60
/
www.facebook.com/tr/
44 B
322 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1094491430591707&ev=PageView&dl=https%3A%2F%2Fwww.teaparty.org%2Fcanadian-man-fined-55k-misgendering-transgender-female-355541%2F&rl=&if=false&ts=1554900581618&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1554900581617.1190659029&it=1554900581445&coo=false&rqm=GET
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 10 Apr 2019 12:49:41 GMT
lander.css
campaigns.teaparty.org/assets/ Frame F253
420 KB
62 KB
Stylesheet
General
Full URL
https://campaigns.teaparty.org/assets/lander.css
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eef3a224a3b6dbebd9f301ae36d3738912038740f16e377075f7d65210777df

Request headers

:path
/assets/lander.css
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1; __cf_bm=8953ca6c8e957153ade227676a3c307baf50eb7a-1554900581-1800-Acc16WvmhYE7ZF426nEtqyD4YNu86dOTvNSj74zBN7/rPyWg8D4w3SfqMCZilCHVZRur/Bmu+tiz1t8+vKsGZbY=; _fbp=fb.1.1554900581617.1190659029
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
campaigns.teaparty.org
referer
https://campaigns.teaparty.org/lock-em-up-survey
:scheme
https
:method
GET
Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
4c54d79b5b006415-FRA
date
Wed, 10 Apr 2019 12:49:41 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Wed, 20 Feb 2019 15:32:04 GMT
server
cloudflare
etag
W/"5c6d72f4-68fa4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=1200
content-encoding
br
expires
Wed, 10 Apr 2019 13:09:41 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame F253
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin
*
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
css
fonts.googleapis.com/ Frame F253
43 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
6bb768e37256dc6ef97a1474cf80481a03090308c247ede2255c2cb704e95e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 10 Apr 2019 12:49:41 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 10 Apr 2019 12:49:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Wed, 10 Apr 2019 12:49:41 GMT
application.js
campaigns.teaparty.org/assets/userevents/ Frame F253
5 KB
2 KB
Script
General
Full URL
https://campaigns.teaparty.org/assets/userevents/application.js
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Request headers

:path
/assets/userevents/application.js
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1; __cf_bm=8953ca6c8e957153ade227676a3c307baf50eb7a-1554900581-1800-Acc16WvmhYE7ZF426nEtqyD4YNu86dOTvNSj74zBN7/rPyWg8D4w3SfqMCZilCHVZRur/Bmu+tiz1t8+vKsGZbY=; _fbp=fb.1.1554900581617.1190659029
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
campaigns.teaparty.org
referer
https://campaigns.teaparty.org/lock-em-up-survey
:scheme
https
:method
GET
Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
via
1.1 vegur
cf-cache-status
HIT
status
200
content-encoding
br
last-modified
Wed, 05 Dec 2018 18:08:52 GMT
server
cloudflare
etag
W/"5c081434-1353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
4c54d79b5b036415-FRA
expires
Wed, 10 Apr 2019 13:09:41 GMT
closemodal.png
campaigns.teaparty.org/images/ Frame F253
672 B
903 B
Image
General
Full URL
https://campaigns.teaparty.org/images/closemodal.png
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Request headers

:path
/images/closemodal.png
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1; __cf_bm=8953ca6c8e957153ade227676a3c307baf50eb7a-1554900581-1800-Acc16WvmhYE7ZF426nEtqyD4YNu86dOTvNSj74zBN7/rPyWg8D4w3SfqMCZilCHVZRur/Bmu+tiz1t8+vKsGZbY=; _fbp=fb.1.1554900581617.1190659029
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
campaigns.teaparty.org
referer
https://campaigns.teaparty.org/lock-em-up-survey
:scheme
https
:method
GET
Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
via
1.1 vegur
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=788
status
200
content-disposition
inline; filename="closemodal.webp"
content-length
672
last-modified
Mon, 25 Mar 2019 13:11:47 GMT
server
cloudflare
etag
"5c98d393-314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sat, 11 May 2019 12:49:41 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
4c54d79b5b056415-FRA
cf-bgj
imgq:100
lander.js
campaigns.teaparty.org/assets/ Frame F253
939 KB
258 KB
Script
General
Full URL
https://campaigns.teaparty.org/assets/lander.js
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
261ab6bc4fede6ce28807f9ee8e7b0997f232428bd899f1de60e33191037d4fd

Request headers

:path
/assets/lander.js
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1; __cf_bm=8953ca6c8e957153ade227676a3c307baf50eb7a-1554900581-1800-Acc16WvmhYE7ZF426nEtqyD4YNu86dOTvNSj74zBN7/rPyWg8D4w3SfqMCZilCHVZRur/Bmu+tiz1t8+vKsGZbY=; _fbp=fb.1.1554900581617.1190659029
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
campaigns.teaparty.org
referer
https://campaigns.teaparty.org/lock-em-up-survey
:scheme
https
:method
GET
Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
4c54d79b5b046415-FRA
date
Wed, 10 Apr 2019 12:49:41 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Sat, 23 Mar 2019 01:26:01 GMT
server
cloudflare
etag
W/"5c958b29-eaa4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=1200
content-encoding
br
expires
Wed, 10 Apr 2019 13:09:41 GMT
pushcrew.js
app.clickfunnels.com/assets/ Frame F253
637 B
903 B
Script
General
Full URL
https://app.clickfunnels.com/assets/pushcrew.js
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Request headers

Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Wed, 05 Dec 2018 18:08:52 GMT
server
cloudflare
etag
W/"5c081434-27d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
content-encoding
br
cache-control
public, max-age=1200
cf-ray
4c54d79befa697b6-FRA
expires
Wed, 10 Apr 2019 13:09:41 GMT
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 5709
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9a8815e2742587bc0f56eed9a3b2ccaa&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
accept-encoding
gzip, deflate, br
cookie
fr=0jkQgi0XilVtr769c..BcreZl...1.0.BcreZl.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Wed, 08 Apr 2020 18:44:31 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
97LcBZyxi48/QCsUl4hGGU/KEsfiR7xNIibWMexj4NvPiuKy1UMgTQ8Z8pK2RLJxIGXAs4cxwg7lzRTNOjqnbA==
content-length
10983
date
Wed, 10 Apr 2019 12:49:41 GMT
ObamaHill2.png
campaigns.teaparty.org/hosted/images/c4/7120b09f3911e78791f9194729ea3d/ Frame F253
661 KB
662 KB
Image
General
Full URL
https://campaigns.teaparty.org/hosted/images/c4/7120b09f3911e78791f9194729ea3d/ObamaHill2.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/hosted/images/c4/7120b09f3911e78791f9194729ea3d/ObamaHill2.png
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1; __cf_bm=8953ca6c8e957153ade227676a3c307baf50eb7a-1554900581-1800-Acc16WvmhYE7ZF426nEtqyD4YNu86dOTvNSj74zBN7/rPyWg8D4w3SfqMCZilCHVZRur/Bmu+tiz1t8+vKsGZbY=; _fbp=fb.1.1554900581617.1190659029
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
campaigns.teaparty.org
referer
https://campaigns.teaparty.org/lock-em-up-survey
:scheme
https
:method
GET
Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:41 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85
server
cloudflare
etag
"e64713b0f5baa87dad7a5f2f4b3353a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=31536000
cf-polished
status=not_needed
last-modified
Fri, 22 Sep 2017 02:00:25 GMT
accept-ranges
bytes
cf-ray
4c54d79c0bb26415-FRA
content-length
677273
admin-ajax.php
www.teaparty.org/wp-admin/
1 B
240 B
XHR
General
Full URL
https://www.teaparty.org/wp-admin/admin-ajax.php?postviews_id=355541&action=yuzo-plus-views&is_singular=1&_=1554900581285
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-admin/admin-ajax.php?postviews_id=355541&action=yuzo-plus-views&is_singular=1&_=1554900581285
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1; _fbp=fb.1.1554900581617.1190659029
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.teaparty.org
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
:method
GET
Accept
*/*
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-robots-tag
noindex
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
x-cache
uncached
content-type
text/html; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
4c54d79c1a6ac2c4-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
web.png
branding.rs-stripe.com/recommend/
2 KB
3 KB
Image
General
Full URL
https://branding.rs-stripe.com/recommend/web.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.65 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-65.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94ad9853f9f34959d715a372a763378a63c2f60b3416d3cfcdcf4618df37f09a

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Apr 2019 14:52:05 GMT
x-amz-meta-server-side-encryption
AES256
etag
"46d6f192947534bc2ad2d4ad9c39b90a"
last-modified
Fri, 10 Feb 2017 21:51:01 GMT
server
AmazonS3
age
79057
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
2419
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id
BbvI44OEUEG7BIqggxXlXxAfd0Cqu22iwv8dIXRzh90y6tgVGxiUfA==
image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4357
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4357
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4551
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4551
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4547
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4547
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=10547
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=10547
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=10025&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=10025&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=10025&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=10025&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web
0
0

short.png
branding.rs-stripe.com/recommend/
1 KB
2 KB
Image
General
Full URL
https://branding.rs-stripe.com/recommend/short.png
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.65 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-65.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d97e98ad8364d255edf3b02e6c62a5484ee46a76e95806ac284b8f72d47935f1

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 06 Jul 2018 19:01:44 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2015 16:56:24 GMT
server
AmazonS3
age
615610
etag
"b21b189748ab85533f7859fc43cc8806"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
1389
x-amz-cf-id
ExujLR4cx2R7ytOwOxllnplSxMXYYoCzV8knxr8m7shcocG3-jr5uA==
_ate.track.config_resp
m.addthisedge.com/live/boost/ra-53d00f7e5e7dca08/
0
0

widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame 60A0
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.teaparty.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AB) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Apr 2019 12:49:41 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Thu, 07 Mar 2019 17:39:26 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41AB)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 7777
Redirect Chain
  • https://www.facebook.com/connect/ping?client_id=461404847254579&domain=www.teaparty.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversi...
  • https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9a8815e2742587bc0f56eed9a3b2ccaa&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
accept-encoding
gzip, deflate, br
cookie
fr=0jkQgi0XilVtr769c..BcreZl...1.0.BcreZl.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Wed, 08 Apr 2020 18:44:31 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
97LcBZyxi48/QCsUl4hGGU/KEsfiR7xNIibWMexj4NvPiuKy1UMgTQ8Z8pK2RLJxIGXAs4cxwg7lzRTNOjqnbA==
content-length
10983
date
Wed, 10 Apr 2019 12:49:41 GMT

Redirect headers

status
302
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
location
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44#cb=f71f03af71f4ac&domain=www.teaparty.org&origin=https%3A%2F%2Fwww.teaparty.org%2Ff1cdcd3b0357598&relation=parent&error=unknown_user
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
rOrhTw1FNuWvT9v2lwEh+b3qb+tzpGMIJAt1uYgc0umex8rb5zjAEjnPR2DQQz5GC/69mr9lZM9FUR5PCVSoUA==
content-length
0
date
Wed, 10 Apr 2019 12:49:41 GMT
like.php
www.facebook.com/plugins/ Frame EC19
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df378e6b218cad1%26domain%3Dwww.teaparty.org%26origin%3Dhttps%253A%252F%252Fwww.teaparty.org%252Ff1cdcd3b0357598%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fteapartyorg&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9a8815e2742587bc0f56eed9a3b2ccaa&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?action=like&app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df378e6b218cad1%26domain%3Dwww.teaparty.org%26origin%3Dhttps%253A%252F%252Fwww.teaparty.org%252Ff1cdcd3b0357598%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fteapartyorg&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
accept-encoding
gzip, deflate, br
cookie
fr=0jkQgi0XilVtr769c..BcreZl...1.0.BcreZl.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
/ZbRNOLT8/bVZ6Z3G39aF74vyCv3hThZYbEfO9kUsQ29u71RcXbghMYfttNwE0dbmBJ9kiLmlucEeh1NbIgRCw==
date
Wed, 10 Apr 2019 12:49:41 GMT
feedback.php
www.facebook.com/plugins/ Frame 597E
Redirect Chain
  • https://www.facebook.com/plugins/comments.php?app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df3cc7a2e7ebe828%26...
  • https://www.facebook.com/plugins/feedback.php?app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df3cc7a2e7ebe828%26...
0
0
Document
General
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df3cc7a2e7ebe828%26domain%3Dwww.teaparty.org%26origin%3Dhttps%253A%252F%252Fwww.teaparty.org%252Ff1cdcd3b0357598%26relation%3Dparent.parent&color_scheme=light&container_width=600&height=100&href=https%3A%2F%2Fwww.teaparty.org%2Fcanadian-man-fined-55k-misgendering-transgender-female-355541%2F&locale=en_US&mobile=false&sdk=joey&skin=light
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9a8815e2742587bc0f56eed9a3b2ccaa&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/feedback.php?app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df3cc7a2e7ebe828%26domain%3Dwww.teaparty.org%26origin%3Dhttps%253A%252F%252Fwww.teaparty.org%252Ff1cdcd3b0357598%26relation%3Dparent.parent&color_scheme=light&container_width=600&height=100&href=https%3A%2F%2Fwww.teaparty.org%2Fcanadian-man-fined-55k-misgendering-transgender-female-355541%2F&locale=en_US&mobile=false&sdk=joey&skin=light
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
accept-encoding
gzip, deflate, br
cookie
fr=0jkQgi0XilVtr769c..BcreZl...1.0.BcreZl.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
O+WWDBvIutd/OLogPP85dxKh0/wUMCqccRf0DU52qjrq7RErZNmgtpjJLoZqZK1dm8o7x5G8O1OBS1p2EkuQZg==
date
Wed, 10 Apr 2019 12:49:42 GMT

Redirect headers

status
302
strict-transport-security
max-age=15552000; preload
location
https://www.facebook.com/plugins/feedback.php?app_id=461404847254579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df3cc7a2e7ebe828%26domain%3Dwww.teaparty.org%26origin%3Dhttps%253A%252F%252Fwww.teaparty.org%252Ff1cdcd3b0357598%26relation%3Dparent.parent&color_scheme=light&container_width=600&height=100&href=https%3A%2F%2Fwww.teaparty.org%2Fcanadian-man-fined-55k-misgendering-transgender-female-355541%2F&locale=en_US&mobile=false&sdk=joey&skin=light
access-control-expose-headers
X-FB-Debug, X-Loader-Length
access-control-allow-credentials
true
vary
Origin
access-control-allow-origin
https://www.facebook.com
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
x-fb-debug
jiYmaVpFn6yCgXoDLiTTIf6UXPCmKFyKeBoV4Rm4MqIeYl6PITrvYMtLz1o4//sUSg/uKL58URTAfSdXf2p6AA==
content-length
0
date
Wed, 10 Apr 2019 12:49:41 GMT
admin-ajax.php
www.teaparty.org/wp-admin/
22 B
326 B
XHR
General
Full URL
https://www.teaparty.org/wp-admin/admin-ajax.php
Requested by
Host: www.teaparty.org
URL: https://www.teaparty.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ae28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-admin/admin-ajax.php
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; X-Mapping-fjhppofk=0E25F8402A0B01E7ABCE27B6B005D81C; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1; _fbp=fb.1.1554900581617.1190659029; __atuvc=1%7C15; __atuvs=5cade665b66fd502000
origin
https://www.teaparty.org
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
www.teaparty.org
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
content-length
751
:method
POST
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
Origin
https://www.teaparty.org
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Apr 2019 12:49:42 GMT
x-content-type-options
nosniff
age
0
x-cache
uncached
status
200
content-length
22
x-robots-tag
noindex
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.teaparty.org
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
set-cookie
tve_leads_unique=1; expires=Fri, 10-May-2019 12:49:42 GMT; Max-Age=2592000; path=/ tl_223548_223548_94=a%3A1%3A%7Bs%3A6%3A%22log_id%22%3Bi%3A18557337%3B%7D; expires=Fri, 10-May-2019 12:49:42 GMT; Max-Age=2592000; path=/
accept-ranges
bytes
cf-ray
4c54d79c7bc1c2c4-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
keen-tracking-1.0.3.min.js
d26b395fwzu5fz.cloudfront.net/ Frame F253
27 KB
9 KB
Script
General
Full URL
https://d26b395fwzu5fz.cloudfront.net/keen-tracking-1.0.3.min.js
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/assets/lander.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.220 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-220.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 29 Jun 2018 19:22:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Mar 2016 04:24:33 GMT
Server
AmazonS3
Age
24600408
ETag
"a6acb97120359c326c8f7775a5514f5d"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8994
X-Amz-Cf-Id
cA4NPnaJpjmZTSk27cqOGV8fXSzygdKbp6-t5gJYtjFFcvEv4Yd4fg==
Expires
Fri, 31 Mar 2017 04:24:29 GMT
sdk.js
connect.facebook.net/en_US/ Frame F253
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fb7ac2d8a617b999fcb98f08f3792b803181437f8f3879a5e5f4379cde8ad44e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
T7s5Gh8MLfSpmONon4WxfA==
status
200
date
Wed, 10 Apr 2019 12:49:41 GMT
vary
Accept-Encoding
content-length
1782
x-fb-debug
PgmMMtIfDc/eB0CD3U8FEWdxpp+fYyyic6iH6LKYXilDYbKzGPA3IbM4AbDPHLEH64szLfGK/DCEyw7ysAC7RA==
x-fb-content-md5
a3e90a98b67536b79b57668d674efa1d
etag
"c9c14587123b0fa1eb55c6ffdd490e9a"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Apr 2019 12:55:24 GMT
vendor.js
campaigns.teaparty.org/ Frame F253
18 KB
5 KB
Script
General
Full URL
https://campaigns.teaparty.org/vendor.js
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 5.3.5
Resource Hash
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

:path
/vendor.js
pragma
no-cache
cookie
__cfduid=df613a77a78d9edad5b838fdd11829dd51554900580; _ga=GA1.2.466962041.1554900581; _gid=GA1.2.823933487.1554900581; _gat=1; __cf_bm=8953ca6c8e957153ade227676a3c307baf50eb7a-1554900581-1800-Acc16WvmhYE7ZF426nEtqyD4YNu86dOTvNSj74zBN7/rPyWg8D4w3SfqMCZilCHVZRur/Bmu+tiz1t8+vKsGZbY=; _fbp=fb.1.1554900581617.1190659029
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
campaigns.teaparty.org
referer
https://campaigns.teaparty.org/lock-em-up-survey
:scheme
https
:method
GET
Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:42 GMT
via
1.1 vegur
cf-cache-status
REVALIDATED
x-powered-by
Phusion Passenger Enterprise 5.3.5
status
200 200 OK
content-encoding
br
x-request-id
4536ab85-bee4-4ded-b1cc-febf3cd35c7c
x-runtime
0.014221
x-content-digest
581e49c9b7bdd06dab54c00931f4256b223e620e
server
cloudflare
x-frame-options
ALLOWALL
etag
W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=900
cf-ray
4c54d79d5d246415-FRA
x-rack-cache
fresh
in.php
in.getclicky.com/
155 B
451 B
Script
General
Full URL
https://in.getclicky.com/in.php?site_id=101011524&type=pageview&href=%2Fcanadian-man-fined-55k-misgendering-transgender-female-355541%2F&title=Canadian%20Man%20Fined%20%2455k%20For%20%E2%80%98Misgendering%E2%80%99%20Transgender%20Female%20-%20Tea%20Party%20News&res=1600x1200&lang=en&jsuid=4049240971&mime=js&x=0.033836989527208816
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.14 Wilsonville, United States, ASN2044 (IINET-2044 - Infinity Internet, Inc., US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:42 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
app.clickfunnels.com/userevents/ Frame F253
0
3 KB
XHR
General
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=dnRhbC9nTlJFSTRoUzJSVytVZVhnQT09LS12clhHbEE2dFlrcXFSNDBsNmJUYk13PT0%3D--c4d813e565b01b17be3788d5a1e875d473909da7&page_id=NTFiOHZMMXR0UEY1bXE0NGEyNnlMQT09LS1IT3QzaFRwcjU2MjFDODdTbTRJWUJBPT0%3D--ec2d71ea9d726f0ff78ab079f18bbbbf9bdb33ca&funnel_step_id=L0JyVytJSlVHeUNOSzZYdUl0dmM0Zz09LS1yVUxuekd5b0ZrcFFDQ2lyQjR3QU9BPT0%3D--692059cc8b778e28a460b6fdbd31842983257931&user_id=STVpbDdGKzg5QUxuUG95NmpIRHJ2Zz09LS1mbTVvMEpLdk80YkVTWm96NURTenR3PT0%3D--875e1d887a7efcb3081d18b896c7c6610cec52c9&page_code=MTY2NjIyNjY%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=620&type=Userevents::PageviewsCreatedSummary&nonce=a63f1b3e-50e2-4ea9-abb7-0ba45898ff6f&url=https%3A%2F%2Fcampaigns.teaparty.org%2Flock-em-up-survey
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://campaigns.teaparty.org/lock-em-up-survey
Origin
https://campaigns.teaparty.org

Response headers

/
app.clickfunnels.com/userevents/ Frame F253
0
3 KB
XHR
General
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=dnRhbC9nTlJFSTRoUzJSVytVZVhnQT09LS12clhHbEE2dFlrcXFSNDBsNmJUYk13PT0%3D--c4d813e565b01b17be3788d5a1e875d473909da7&page_id=NTFiOHZMMXR0UEY1bXE0NGEyNnlMQT09LS1IT3QzaFRwcjU2MjFDODdTbTRJWUJBPT0%3D--ec2d71ea9d726f0ff78ab079f18bbbbf9bdb33ca&funnel_step_id=L0JyVytJSlVHeUNOSzZYdUl0dmM0Zz09LS1yVUxuekd5b0ZrcFFDQ2lyQjR3QU9BPT0%3D--692059cc8b778e28a460b6fdbd31842983257931&user_id=STVpbDdGKzg5QUxuUG95NmpIRHJ2Zz09LS1mbTVvMEpLdk80YkVTWm96NURTenR3PT0%3D--875e1d887a7efcb3081d18b896c7c6610cec52c9&page_code=MTY2NjIyNjY%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=620&type=Userevents::UniquePageviewsCreatedSummary&nonce=c9bc8b0e-5e7f-4e6b-9666-3a93b0510fef&url=https%3A%2F%2Fcampaigns.teaparty.org%2Flock-em-up-survey
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://campaigns.teaparty.org/lock-em-up-survey
Origin
https://campaigns.teaparty.org

Response headers

/
app.clickfunnels.com/userevents/ Frame F253
0
3 KB
XHR
General
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=dnRhbC9nTlJFSTRoUzJSVytVZVhnQT09LS12clhHbEE2dFlrcXFSNDBsNmJUYk13PT0%3D--c4d813e565b01b17be3788d5a1e875d473909da7&page_id=NTFiOHZMMXR0UEY1bXE0NGEyNnlMQT09LS1IT3QzaFRwcjU2MjFDODdTbTRJWUJBPT0%3D--ec2d71ea9d726f0ff78ab079f18bbbbf9bdb33ca&funnel_step_id=L0JyVytJSlVHeUNOSzZYdUl0dmM0Zz09LS1yVUxuekd5b0ZrcFFDQ2lyQjR3QU9BPT0%3D--692059cc8b778e28a460b6fdbd31842983257931&user_id=STVpbDdGKzg5QUxuUG95NmpIRHJ2Zz09LS1mbTVvMEpLdk80YkVTWm96NURTenR3PT0%3D--875e1d887a7efcb3081d18b896c7c6610cec52c9&page_code=MTY2NjIyNjY%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=620&type=Userevents::UniqueVisitorsCreatedSummary&nonce=64dff5db-c8b8-4a5f-b60b-baa638428624&url=https%3A%2F%2Fcampaigns.teaparty.org%2Flock-em-up-survey
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://campaigns.teaparty.org/lock-em-up-survey
Origin
https://campaigns.teaparty.org

Response headers

iframe_api
www.youtube.com/ Frame F253
859 B
944 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/assets/lander.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 10 Apr 2019 12:49:42 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 EST
/
track.addevent.com/atc/ Frame F253
0
559 B
Image
General
Full URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=a380938e-38d5-4195-e8ae-8e7e95174070&url=https%3A%2F%2Fcampaigns.teaparty.org%2Flock-em-up-survey&cache=1554900582070
Requested by
Host: campaigns.teaparty.org
URL: https://campaigns.teaparty.org/lock-em-up-survey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.68.15 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-251-68-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
sdk.js
connect.facebook.net/en_US/ Frame F253
193 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=75cdc3c700776213e5ab8883d2896c96&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://campaigns.teaparty.org/lock-em-up-survey
Origin
https://campaigns.teaparty.org

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QlRdPLh2qxd3rMqSoBvfmg==
status
200
date
Wed, 10 Apr 2019 12:49:42 GMT
vary
Accept-Encoding
content-length
58912
x-fb-debug
W3lwPMptG7v+/OoerBoAa80EE4qY49WPRlg65ERIQL114N8SRP7diS411T7XA1IXRwRm+LfbYNkX/bclIizK0w==
x-fb-content-md5
86f51dc98c918c3186de60b9f2189f34
etag
"769b4c99cc749ae6344d58bff68c2ee2"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 09 Apr 2020 09:41:44 GMT
/
now.daphnesik.icu/
Redirect Chain
  • http://ectuerpartie.tk/index/?4831537102803
  • https://now.daphnesik.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=lucasartsdesign
3 KB
2 KB
Document
General
Full URL
https://now.daphnesik.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=lucasartsdesign
Requested by
Host: hellofromhony.org
URL: https://hellofromhony.org/counter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.143.165.220 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.3
Resource Hash
f2b3d9d5dccf58c441685fd0a293481334f22c379007e4c97867558a27b6be61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
now.daphnesik.icu
:scheme
https
:path
/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=lucasartsdesign
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Wed, 10 Apr 2019 12:49:42 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.3
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=d48d534c97e2c19f13a90dd1a6805e3c; expires=Thu, 09-Apr-2020 12:49:42 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

Server
nginx/1.12.2
Date
Wed, 10 Apr 2019 12:49:42 GMT
Content-Type
text/html
Content-Length
185
Connection
keep-alive
Location
https://now.daphnesik.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=lucasartsdesign
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflNBM2YL/ Frame F253
20 KB
8 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflNBM2YL/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4016:807::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.teaparty.org/lock-em-up-survey
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 05 Apr 2019 07:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449690
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
7810
x-xss-protection
0
last-modified
Fri, 05 Apr 2019 06:01:58 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 13 Apr 2019 07:54:52 GMT
/
www.facebook.com/tr/ Frame B814
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
1947
pragma
no-cache
cache-control
no-cache
origin
https://www.teaparty.org
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/
accept-encoding
gzip, deflate, br
cookie
fr=0jkQgi0XilVtr769c..BcreZl...1.0.BcreZl.
Origin
https://www.teaparty.org
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.teaparty.org/canadian-man-fined-55k-misgendering-transgender-female-355541/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.teaparty.org
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Wed, 10 Apr 2019 12:49:42 GMT
image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9204
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9204
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4548
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4548
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4549
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4549
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4358
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4358
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9151
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9151
0
0

image
tr.rev-stripe.com/stripe/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9155
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9155
0
0

/
now.daphnesik.icu/
5 KB
2 KB
Document
General
Full URL
https://now.daphnesik.icu/?utm_term=6678247023700869596&clickverify=1&c=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b28186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf295919d8592f4f5fbcbf9fffeffccfcf0f3f0c1c6c792
Requested by
Host: now.daphnesik.icu
URL: https://now.daphnesik.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=lucasartsdesign
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.143.165.220 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.3
Resource Hash
0302062198f620bbad1f0c5bb411c1a2bf77b1221f13dbfd6e0d735a8f03daf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
now.daphnesik.icu
:scheme
https
:path
/?utm_term=6678247023700869596&clickverify=1&c=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b28186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf295919d8592f4f5fbcbf9fffeffccfcf0f3f0c1c6c792
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://now.daphnesik.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=lucasartsdesign
accept-encoding
gzip, deflate, br
cookie
u=d48d534c97e2c19f13a90dd1a6805e3c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://now.daphnesik.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=lucasartsdesign

Response headers

status
200
server
nginx
date
Wed, 10 Apr 2019 12:49:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.3
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
in.html
up.trkgenius.com/
Redirect Chain
  • https://now.daphnesik.icu/proc.php?40d4086cd02f1d4c8456231e0db1cfaaba937b81
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608
6 KB
3 KB
Document
General
Full URL
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608
Requested by
Host: now.daphnesik.icu
URL: https://now.daphnesik.icu/?utm_term=6678247023700869596&clickverify=1&c=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b28186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf295919d8592f4f5fbcbf9fffeffccfcf0f3f0c1c6c792
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.14.2 /
Resource Hash
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://now.daphnesik.icu/?utm_term=6678247023700869596&clickverify=1&c=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b28186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf295919d8592f4f5fbcbf9fffeffccfcf0f3f0c1c6c792
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://now.daphnesik.icu/?utm_term=6678247023700869596&clickverify=1&c=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b28186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf295919d8592f4f5fbcbf9fffeffccfcf0f3f0c1c6c792

Response headers

status
200
server
nginx/1.14.2
date
Wed, 10 Apr 2019 12:49:42 GMT
content-type
text/html
last-modified
Sun, 27 Jan 2019 05:38:08 GMT
etag
W/"5c4d43c0-1605"
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Wed, 10 Apr 2019 12:49:42 GMT
content-type
text/html; charset=UTF-8
location
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608
x-powered-by
PHP/7.3.3
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
in.php
up.trkgenius.com/
1 KB
984 B
Document
General
Full URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608&m=A.oWNkopAP5VNQwIeEKUqAMJ-cGz4t_o7CuMD7kitoHPk4qMI7qPk4uqIaJckC2.qiH.IjXf49ds-qEiaZ2bs12nHJto4N_fec5fevdI-NEII7JzuNkJpM
Requested by
Host: up.trkgenius.com
URL: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.14.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608&m=A.oWNkopAP5VNQwIeEKUqAMJ-cGz4t_o7CuMD7kitoHPk4qMI7qPk4uqIaJckC2.qiH.IjXf49ds-qEiaZ2bs12nHJto4N_fec5fevdI-NEII7JzuNkJpM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608

Response headers

status
200
server
nginx/1.14.2
date
Wed, 10 Apr 2019 12:49:42 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
refresh
0; url=out.php?v=a4a4fcb0580c0c89752f37cad98a5d63
set-cookie
t=814acf6bb7961930
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://up.trkgenius.com/out.php?v=a4a4fcb0580c0c89752f37cad98a5d63
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=d0ce62a1387c4fc8235bff3bf2ec5f9b&ext1=dvx
6 KB
3 KB
Document
General
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=d0ce62a1387c4fc8235bff3bf2ec5f9b&ext1=dvx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 North Miami Beach, United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
e1acec464dad1ad8fb5c4d51e7c6ab0f21a5c77eddcb60792c23b8e6dc212bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
minently.com
:scheme
https
:path
/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=d0ce62a1387c4fc8235bff3bf2ec5f9b&ext1=dvx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608&m=A.oWNkopAP5VNQwIeEKUqAMJ-cGz4t_o7CuMD7kitoHPk4qMI7qPk4uqIaJckC2.qiH.IjXf49ds-qEiaZ2bs12nHJto4N_fec5fevdI-NEII7JzuNkJpM
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6678247023700869596&pubid=1608&m=A.oWNkopAP5VNQwIeEKUqAMJ-cGz4t_o7CuMD7kitoHPk4qMI7qPk4uqIaJckC2.qiH.IjXf49ds-qEiaZ2bs12nHJto4N_fec5fevdI-NEII7JzuNkJpM

Response headers

status
200
content-type
text/html;charset=utf-8
x-cache-status
NOTCACHED
x-zen-fury
06a5f858f217d50f6795985e115098b233a03a92
date
Wed, 10 Apr 2019 12:49:43 GMT
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=9c86bf0287d0a10ac25ef83be2df29f5_1554900583.0492; domain=minently.com; path=/; expires=Sat, 07-Apr-2029 12:49:43 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1554900583.0509; domain=minently.com; path=/; expires=Sat, 07-Apr-2029 12:49:43 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3VlFFYXZhY1hCRDJDQTc3RE5zeWlnWjZzTFhXS20yTXcvUU9DYW9UR0R5Uw%3D%3D; domain=minently.com; path=/; expires=Sat, 07-Apr-2029 12:49:43 UTC; Secure 9c86bf0287d0a10ac25ef83be2df29f5_1554900583.0492_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83cVBGT2plem96allWOHo5bmxiUitTZm1UU3AreTd0S1IzRlBwcjRIdTNJRURRdzNESG0vS2R5ZVg4VGg5YnI0SUlaUk5HU1JrQjQ2Q0hZV1c0YS9CYXp2dzFkSGJCWEFMR0R3bnRRSWRhcndiOC9WZndiQk5qd3IvT3RwWkNkTVpkdTVDUVZPTVpnR0dSSkMrblYvcnBwQlB6VTRRYklUeWR6S3RaSUlyUzBDQkJCcklwMjVZbjNUdGNtL0tJYzBnM253YUtiajU3M3IvVVp6NmdrakdUcTRzd3Q2b0IzUFQ2WFBleXZLSFhZQzkreU5CM2l3cTAxZXlYNUp2TTZkVHpkRm5JSTluUFhGMmZKdVg0VmE4OFhmRUdQaU5MQ1dudGFLeDlQQVZXVlRwdnd1Y2haOXhHS3lrTzVtbWMwbFJyMUllQkZIazJxakxsbHBXYzcyRUhYaU8vcTVsKzByVFlHQ0E3c3NqazA4TFVIcGNtdGNXM0J4QVRpWjUva1VPdHlPSEZBeE5TejNRYjVqNTE0S0xYcDdzeU5XclQrWVBlN044N1RLbXJZOFBxR2lzL21QbFcvbkI1aWJTY1FoSXhCTWQwT1hjeGtOU3Zoc3JIdlVybGFIaEU4ZklOTVYxTnZZUitTYTd3dmE1OFIwdm9OWGtLZy9nQ2c5RW0xbUNDUlBjaEs2R2dXVkpvUkFOWURGc0pic1doKzYvc2pQMUh5NmNoNWdYMGtzZ045YXd6S0svTzNxUzhQYzhzNTBJZjVMY3hxOWRCQXUwaTdKWlArQ2xJMmgwenpYOFlGbTBRKzBZcERSNFNvWmk4aWlUSEhsRVNkbStVNDJzWFViUnY4MzJsRE5odk9xQUxQVDdEa2ZWWVhoMTN2cHlvTHYzRWdiVnYrSVgxZ005cWdYNHRsQVp1cy9NTU11NU9UWTR6L04vK1pWLytFMkxObTBnSGRPTXpDOU9xRVZxWFl4K0lBSlJoZExMRXJMK2s4WFdrbkxKcFNuTDB1czBDbkVLb3UzaTQvd2lrM0Y2SWVjaWQ3aWhUemdiZEpCL2daR1FxR1lYTDRJb3BhQw%3D%3D; domain=minently.com; path=/; expires=Sat, 07-Apr-2029 12:49:43 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=akdCVGFtdEI4TW5EN2srTzkvZjBOckZ5WjNPeXhNRU96d3RZSnR3NURIamlWWnkvNW4wazhxSHlqMHNULzJ6aEo0OXJBem1aUFR0WG9DbFRPUWxGa0o1WU5QM1htbHNlNHdOZ2Nyd0dtT1U9; domain=minently.com; path=/; expires=Wed, 10-Apr-2019 13:54:43 UTC; Secure SERVERID=sfc14; path=/
vary
Accept-Encoding Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
ZENEDGE
x-cdn
Served-By-Zenedge

Redirect headers

status
302
server
nginx/1.14.2
date
Wed, 10 Apr 2019 12:49:42 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=d0ce62a1387c4fc8235bff3bf2ec5f9b&ext1=dvx
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
strict-transport-security
max-age=31536000; includeSubDomains
/
track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25PUA0000V8100HIT1A9K405L1GWF0TPC1D9f06V10BKK05L1G00/
0
0

/
track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25PUA0000V8100HIT1A9K405L1GWF0TPC1D9f06V10BKK05L1G00/
1018 B
747 B
Document
General
Full URL
https://track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25PUA0000V8100HIT1A9K405L1GWF0TPC1D9f06V10BKK05L1G00/
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=d0ce62a1387c4fc8235bff3bf2ec5f9b&ext1=dvx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.170.100.126 -, , ASN201942 (SOLTIA, ES),
Reverse DNS
Software
nginx /
Resource Hash
9202e1a4dcd79aaefa17d6945e3e95e1e827081cd6e0449816a3a6c22772d2a0

Request headers

:method
GET
:authority
track.fungiers.com
:scheme
https
:path
/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25PUA0000V8100HIT1A9K405L1GWF0TPC1D9f06V10BKK05L1G00/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://minently.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://minently.com/

Response headers

status
200
server
nginx
date
Wed, 10 Apr 2019 12:49:43 GMT
content-type
text/html; charset=UTF-8
content-length
478
access-control-allow-origin
*
access-control-allow-headers
Content-Type
referrer-policy
no-referrer
cache-control
no-cache, private
content-encoding
gzip
x-device
desktop
accept-ranges
bytes
age
0
tp-cache
MISS
vary
Accept-Encoding
offer.png
track.fungiers.com/
95 B
430 B
Image
General
Full URL
http://track.fungiers.com/offer.png
Requested by
Host: track.fungiers.com
URL: https://track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25PUA0000V8100HIT1A9K405L1GWF0TPC1D9f06V10BKK05L1G00/
Protocol
HTTP/1.1
Server
31.170.100.125 -, , ASN201942 (SOLTIA, ES),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:43 GMT
TP-Cache
HIT
Last-Modified
Mon, 18 Mar 2019 17:46:39 GMT
Age
1945687
ETag
"5c8fd97f-5f"
Content-Type
image/png
Cache-Control
max-age=315360000
X-Device
mobile
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95
Expires
Thu, 31 Dec 2037 23:55:55 GMT
d.php
mango.trkpre.com/main/
Redirect Chain
  • http://trk.vmwwtracking.com/aff_c?offer_id=1135&aff_id=1695&file_id=8949&source=M2019041012-a27a18264287f678de7fb8ae659c55ae&aff_sub=185392&firstname={firstname}&lastname={lastname}&email={email}
  • https://mango.trkpre.com/click/LP8jjtElnx?cid=102d4ef72911b46580019095f6e728&sub-id=1695&sub-id2=&firstname={firstname}&lastname={lastname}&mail={email}&title={title}
  • https://mango.trkpre.com/main/d.php?s=1&link=http%3A%2F%2Fmein-babypaket.com%3FPR_ID%3DAF-gmp118-8597%26token-id%3DP8jjtElnTV-5cade669e4c61b5ed102806c%26sub-id%3D%26sub-id2%3D%26sub-id%3D1695%26sub...
336 B
438 B
Document
General
Full URL
https://mango.trkpre.com/main/d.php?s=1&link=http%3A%2F%2Fmein-babypaket.com%3FPR_ID%3DAF-gmp118-8597%26token-id%3DP8jjtElnTV-5cade669e4c61b5ed102806c%26sub-id%3D%26sub-id2%3D%26sub-id%3D1695%26sub-id2%3D%26firstname%3D%257Bfirstname%257D%26lastname%3D%257Blastname%257D%26mail%3D%257Bemail%257D%26title%3D%257Btitle%257D%26ept2%3Da41316bd-aee7-470e-87bd-4921f3189d10
Requested by
Host: track.fungiers.com
URL: https://track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25PUA0000V8100HIT1A9K405L1GWF0TPC1D9f06V10BKK05L1G00/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.161.170 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-27-161-170.us-west-2.compute.amazonaws.com
Software
nginx/1.11.6 /
Resource Hash
73535f34f06d7a3979b08a169f4bf0cbdb55089dfc3515a0761bf4d7d02b6d24

Request headers

Host
mango.trkpre.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Cookie
XSRF-TOKEN=eyJpdiI6Ijh6SWp5S0FJalJyT1VNZ2dMeUFMcHc9PSIsInZhbHVlIjoiMzlOMmpjS0paK0RpM1pcL2x4aFRwZEo5SWZpQkhTdTdqcmw1eEVLaDNHVVRPNll5SEYzMnhSWWdlWWFGZ1FMSzROYVlEMTYrN29aSzhCNVRJR3I0am5BPT0iLCJtYWMiOiI1YjNiZDIwNzY0ZjljN2RkYTg1ZmQ5ZTVjM2IzNzFiYTU2NTI2YzA3MzY2NWY2OTk4NTBjZmVlMmUxZTQwOTExIn0%3D; session=eyJpdiI6InZEa1BnUU54WHA2VVN1MjZjb0VlS1E9PSIsInZhbHVlIjoiMlwvUVF4YzlrUytremZ4MXdMRFwvK1l3SHFDdjdFb2JMbERIRXRIUHdIa1pPV3NHem9mYkpZa1NWUitFZlhmMWNWdEpYK0VJNVZQbEdHTjZpUkxLeU1hQT09IiwibWFjIjoiMTI0ZWVlZTZlZmQ4ZGJhMjI3ZTFmYWQ0YzY0YTNkOTQ5NGFmYmM4NzlkMjA5MGUyNzI4Y2MxMzBhMTcwZmZjNCJ9; ept2=eyJpdiI6InNXeFpJZnlucFdzWGk0RnFiYll5dnc9PSIsInZhbHVlIjoiM1BtTFROUVRrZ1pjR3daVlQ4RDF6Q011dnJ5V2l6UnluMnR5bGx0RkZEdlk4aklzVHl4a1ZadzNjOVwvY0poYVpzK2F0c3ZvditxTStmbk9JU0xNeE5PeUVVbWc1eVZUcHpyQlJNYWwrbElpdThcL2RnRmI1T04yWmxISU1DWVwvK1RJVjIyTWgxV0UwVUs0TE1HYVJPR0x2WmJZTjBHV29KQmZkTW9CekhLUXNBempmUjRRUkRZUDhaY2xLYWNBT0dJIiwibWFjIjoiMDM0ZjZlMjBkZWQ3ZGFlZDE3OTA3YTJmMDc2YmVjN2U3OWUyMjNjY2QwMmUzNTM3MzU0YTNkMGRjNWNlYTFjOCJ9; rJD0PAG0zdWbao7WOS4W5V9YWY4DaSq2R4n8huab=eyJpdiI6IlM0NUhZdCtBbnBYbUM3SmgweWNrQnc9PSIsInZhbHVlIjoiMXNCR1RLM25ZcDlKNXoyeThUSmpJZStkTEE4Ymc5YmtlTTVcL3ZKNlJxTGo0T2lpUmFMWVdmbzRRbUFXeWZzbStyNXdMVktQaFV4TGIxM3pjckFLY1ljOTVBckZOR0daSkZmTk9vWHF3UUkxbVZ5STkrdUVGSTBDZ0ZwRmtOYUtxcjlKRUNCcG5COTJWODB0RzJHWkJzM3k2QzRsRTh4UkZvNTRMbVNLVnB4UFdXUUR5QWI3THlCUVdkcUc3SjYreUNidHF1MEtUaGF0YmNTTGtId094SWt4czRyY2JlemYrbEZ0NTI3T2NPU01BckVnN2poUmZVRUtXRFJiUDVaR1UzalV0eHdoaVZlcVVVRmhDQlh2eHlta1V0UURuOGN4MThhTm1iQTVvZnArV1VobzNTaFZyU2dNc0dzSzgrWTlyU1hROHdPSVlYUFM2K0N5R2ZDTFdMa3kxREk5XC9zbExPNWZSQ3dVUnFNXC9vTDUxUjRNMlB2SU9FVnZKSE1MV0o4T0xUczRPQXE0K1wvQUhhWFc3UzhCQldRMDdNR2pLOU03YU1POE5FZCtXeGc0MXdZcE9GXC93RklYb0NGWDM3WTlNTkYyU2JHQlZNMW15cGltXC9CRWpRUHhLUm5VQlpJWUk1RHZmbFwvQzhLbWt1cFBkZVgwMzFSNmo4WmphT25ZRHZxVHMrT1FPbzh0WXN3dlVwZ3RRM0pjdXRFTFEwK25tXC96QVhEQ0RKdFwvb1A3NlRtdTNCbmxER0VZWExtXC8wNDA3cENqcWtFUXVCdFNiRzNkODRaRlZKbUlFTVRBclwvWE5XaFRaaWROdGV6SVRQa0VIMEI0V0NmOFZ1TUZ4cXNyVlMzakdlOGdvTG5ldkRCWHV0b2Q2TkV2bmFGS0FXc1FjQjNNUFpSbEE1XC8reG9CbGRjMzV6RmhUSFdOZHlRWEVYRVwvNmtIanRiVTl1Um1oU1wvelpkTzBnajlHUWFHVVNJVUIxN1prNGxqVDd1ZVk9IiwibWFjIjoiZDA0YjBmODBiM2YwNTdmYTExN2E2ZDgyNTEwY2ZiMjQ4ZjkyMWQ4MWY5ZWUwOGY2MzNlMDUwNWM3Yjk1MDhkNyJ9; AWSELB=8579EB0D143B9B0D7673809D0CD3BCF9A3732FA9A0E73B6090376A9C0C76F03F1E30CB7B7BD9E9CB9E13E47AB2E4BD614007BF13DAC7B578DEFA818557863386B056933060
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Apr 2019 12:49:45 GMT
Server
nginx/1.11.6
Content-Length
251
Connection
keep-alive

Redirect headers

Cache-Control
no-cache, private
Cache-control
no-cache="set-cookie"
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Apr 2019 12:49:45 GMT
Location
/main/d.php?s=1&link=http%3A%2F%2Fmein-babypaket.com%3FPR_ID%3DAF-gmp118-8597%26token-id%3DP8jjtElnTV-5cade669e4c61b5ed102806c%26sub-id%3D%26sub-id2%3D%26sub-id%3D1695%26sub-id2%3D%26firstname%3D%257Bfirstname%257D%26lastname%3D%257Blastname%257D%26mail%3D%257Bemail%257D%26title%3D%257Btitle%257D%26ept2%3Da41316bd-aee7-470e-87bd-4921f3189d10
Server
nginx/1.11.6
Set-Cookie
XSRF-TOKEN=eyJpdiI6Ijh6SWp5S0FJalJyT1VNZ2dMeUFMcHc9PSIsInZhbHVlIjoiMzlOMmpjS0paK0RpM1pcL2x4aFRwZEo5SWZpQkhTdTdqcmw1eEVLaDNHVVRPNll5SEYzMnhSWWdlWWFGZ1FMSzROYVlEMTYrN29aSzhCNVRJR3I0am5BPT0iLCJtYWMiOiI1YjNiZDIwNzY0ZjljN2RkYTg1ZmQ5ZTVjM2IzNzFiYTU2NTI2YzA3MzY2NWY2OTk4NTBjZmVlMmUxZTQwOTExIn0%3D; expires=Wed, 10-Apr-2019 14:49:45 GMT; Max-Age=7200; path=/ session=eyJpdiI6InZEa1BnUU54WHA2VVN1MjZjb0VlS1E9PSIsInZhbHVlIjoiMlwvUVF4YzlrUytremZ4MXdMRFwvK1l3SHFDdjdFb2JMbERIRXRIUHdIa1pPV3NHem9mYkpZa1NWUitFZlhmMWNWdEpYK0VJNVZQbEdHTjZpUkxLeU1hQT09IiwibWFjIjoiMTI0ZWVlZTZlZmQ4ZGJhMjI3ZTFmYWQ0YzY0YTNkOTQ5NGFmYmM4NzlkMjA5MGUyNzI4Y2MxMzBhMTcwZmZjNCJ9; expires=Wed, 10-Apr-2019 14:49:45 GMT; Max-Age=7200; path=/; HttpOnly ept2=eyJpdiI6InNXeFpJZnlucFdzWGk0RnFiYll5dnc9PSIsInZhbHVlIjoiM1BtTFROUVRrZ1pjR3daVlQ4RDF6Q011dnJ5V2l6UnluMnR5bGx0RkZEdlk4aklzVHl4a1ZadzNjOVwvY0poYVpzK2F0c3ZvditxTStmbk9JU0xNeE5PeUVVbWc1eVZUcHpyQlJNYWwrbElpdThcL2RnRmI1T04yWmxISU1DWVwvK1RJVjIyTWgxV0UwVUs0TE1HYVJPR0x2WmJZTjBHV29KQmZkTW9CekhLUXNBempmUjRRUkRZUDhaY2xLYWNBT0dJIiwibWFjIjoiMDM0ZjZlMjBkZWQ3ZGFlZDE3OTA3YTJmMDc2YmVjN2U3OWUyMjNjY2QwMmUzNTM3MzU0YTNkMGRjNWNlYTFjOCJ9; expires=Thu, 11-Apr-2019 12:49:45 GMT; Max-Age=86400; path=/; HttpOnly rJD0PAG0zdWbao7WOS4W5V9YWY4DaSq2R4n8huab=eyJpdiI6IlM0NUhZdCtBbnBYbUM3SmgweWNrQnc9PSIsInZhbHVlIjoiMXNCR1RLM25ZcDlKNXoyeThUSmpJZStkTEE4Ymc5YmtlTTVcL3ZKNlJxTGo0T2lpUmFMWVdmbzRRbUFXeWZzbStyNXdMVktQaFV4TGIxM3pjckFLY1ljOTVBckZOR0daSkZmTk9vWHF3UUkxbVZ5STkrdUVGSTBDZ0ZwRmtOYUtxcjlKRUNCcG5COTJWODB0RzJHWkJzM3k2QzRsRTh4UkZvNTRMbVNLVnB4UFdXUUR5QWI3THlCUVdkcUc3SjYreUNidHF1MEtUaGF0YmNTTGtId094SWt4czRyY2JlemYrbEZ0NTI3T2NPU01BckVnN2poUmZVRUtXRFJiUDVaR1UzalV0eHdoaVZlcVVVRmhDQlh2eHlta1V0UURuOGN4MThhTm1iQTVvZnArV1VobzNTaFZyU2dNc0dzSzgrWTlyU1hROHdPSVlYUFM2K0N5R2ZDTFdMa3kxREk5XC9zbExPNWZSQ3dVUnFNXC9vTDUxUjRNMlB2SU9FVnZKSE1MV0o4T0xUczRPQXE0K1wvQUhhWFc3UzhCQldRMDdNR2pLOU03YU1POE5FZCtXeGc0MXdZcE9GXC93RklYb0NGWDM3WTlNTkYyU2JHQlZNMW15cGltXC9CRWpRUHhLUm5VQlpJWUk1RHZmbFwvQzhLbWt1cFBkZVgwMzFSNmo4WmphT25ZRHZxVHMrT1FPbzh0WXN3dlVwZ3RRM0pjdXRFTFEwK25tXC96QVhEQ0RKdFwvb1A3NlRtdTNCbmxER0VZWExtXC8wNDA3cENqcWtFUXVCdFNiRzNkODRaRlZKbUlFTVRBclwvWE5XaFRaaWROdGV6SVRQa0VIMEI0V0NmOFZ1TUZ4cXNyVlMzakdlOGdvTG5ldkRCWHV0b2Q2TkV2bmFGS0FXc1FjQjNNUFpSbEE1XC8reG9CbGRjMzV6RmhUSFdOZHlRWEVYRVwvNmtIanRiVTl1Um1oU1wvelpkTzBnajlHUWFHVVNJVUIxN1prNGxqVDd1ZVk9IiwibWFjIjoiZDA0YjBmODBiM2YwNTdmYTExN2E2ZDgyNTEwY2ZiMjQ4ZjkyMWQ4MWY5ZWUwOGY2MzNlMDUwNWM3Yjk1MDhkNyJ9; expires=Wed, 10-Apr-2019 14:49:45 GMT; Max-Age=7200; path=/; HttpOnly AWSELB=8579EB0D143B9B0D7673809D0CD3BCF9A3732FA9A0E73B6090376A9C0C76F03F1E30CB7B7BD9E9CB9E13E47AB2E4BD614007BF13DAC7B578DEFA818557863386B056933060;PATH=/;MAX-AGE=86400
Content-Length
14
Connection
keep-alive
Primary Request /
mein-babypaket.com/
Redirect Chain
  • http://mein-babypaket.com/?PR_ID=AF-gmp118-8597&token-id=P8jjtElnTV-5cade669e4c61b5ed102806c&sub-id=&sub-id2=&sub-id=1695&sub-id2=&firstname=%7Bfirstname%7D&lastname=%7Blastname%7D&mail=%7Bemail%7D...
  • https://mein-babypaket.com/?PR_ID=AF-gmp118-8597&token-id=P8jjtElnTV-5cade669e4c61b5ed102806c&sub-id=&sub-id2=&sub-id=1695&sub-id2=&firstname=%7Bfirstname%7D&lastname=%7Blastname%7D&mail=%7Bemail%7...
  • https://mein-babypaket.com/?redirectSessionTest=1
  • https://mein-babypaket.com/
22 KB
4 KB
Document
General
Full URL
https://mein-babypaket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
1c7f09a9c94afc0a7633f788c0bd7620aa6bf33c902b3452cbadd6a3a0152325

Request headers

Host
mein-babypaket.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=8a690b01628d2ffde6c9bf85aca6c51d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:46 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3405
Keep-Alive
timeout=2, max=998
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Wed, 10 Apr 2019 12:49:46 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Location
https://mein-babypaket.com/
Content-Length
0
Keep-Alive
timeout=2, max=999
Connection
Keep-Alive
Content-Type
text/html
css
fonts.googleapis.com/
9 KB
772 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,900
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
db6cd59c42c777b02410dca9f0a28e5d02cc4fb4fad189645bb2398941c4ce59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 10 Apr 2019 12:49:46 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 10 Apr 2019 12:49:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Wed, 10 Apr 2019 12:49:46 GMT
flexboxgrid.min.css
mein-babypaket.com/template/_media/assets/css/
12 KB
2 KB
Stylesheet
General
Full URL
https://mein-babypaket.com/template/_media/assets/css/flexboxgrid.min.css
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
f686675793866e5deef717f06df0a8f168c72a226f9b32fea58cc2b08858b3bd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
mein-babypaket.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://mein-babypaket.com/
Cookie
PHPSESSID=8a690b01628d2ffde6c9bf85aca6c51d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2019 15:00:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=997
Content-Length
1610
Expires
Sat, 13 Apr 2019 12:49:46 GMT
global.css
mein-babypaket.com/template/_media/assets/css/
36 KB
9 KB
Stylesheet
General
Full URL
https://mein-babypaket.com/template/_media/assets/css/global.css
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
227c55c1a9f7d64807fb7b85da574d27e8e297ce2f109d5c3a2459c51603526a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
mein-babypaket.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://mein-babypaket.com/
Cookie
PHPSESSID=8a690b01628d2ffde6c9bf85aca6c51d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2019 15:00:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=996
Content-Length
9335
Expires
Sat, 13 Apr 2019 12:49:47 GMT
custom.css
mein-babypaket.com/template/_media/assets/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://mein-babypaket.com/template/_media/assets/css/custom.css
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
3f07319253382569f596a9d1b1b08b69b6ceabead13cec3f903f07047bc7add4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
mein-babypaket.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://mein-babypaket.com/
Cookie
PHPSESSID=8a690b01628d2ffde6c9bf85aca6c51d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2019 15:00:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=995
Content-Length
2120
Expires
Sat, 13 Apr 2019 12:49:47 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 00:27:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2809361
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
33495
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 00:27:05 GMT
jquery-popunder.js
mein-babypaket.com/template/_media/assets/js/
5 KB
3 KB
Script
General
Full URL
https://mein-babypaket.com/template/_media/assets/js/jquery-popunder.js
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
db557ccea13c20360f029644b3c175a86cd6ffbc361e4b9393921ff7384271b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
mein-babypaket.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://mein-babypaket.com/
Cookie
PHPSESSID=8a690b01628d2ffde6c9bf85aca6c51d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2019 15:00:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=994
Content-Length
2434
Expires
Sat, 13 Apr 2019 12:49:47 GMT
jquery.fittext.js
mein-babypaket.com/template/_media/assets/js/
1 KB
960 B
Script
General
Full URL
https://mein-babypaket.com/template/_media/assets/js/jquery.fittext.js
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
c499a934a3a4111346993c847d1b0ecd309295fb2d3f0e57b9d44ecaac732e17

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
mein-babypaket.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://mein-babypaket.com/
Cookie
PHPSESSID=8a690b01628d2ffde6c9bf85aca6c51d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2019 15:00:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
586
Expires
Sat, 13 Apr 2019 12:49:47 GMT
global.js
mein-babypaket.com/template/_media/assets/js/
9 KB
3 KB
Script
General
Full URL
https://mein-babypaket.com/template/_media/assets/js/global.js
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
af86e04267ed8cabf08af1f78e2f83a370f09b68e3b884c1bd996b4139131a5e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
mein-babypaket.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://mein-babypaket.com/
Cookie
PHPSESSID=8a690b01628d2ffde6c9bf85aca6c51d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2019 15:00:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
2860
Expires
Sat, 13 Apr 2019 12:49:47 GMT
custom.js
mein-babypaket.com/template/_media/assets/js/
311 B
576 B
Script
General
Full URL
https://mein-babypaket.com/template/_media/assets/js/custom.js
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
1cf50381e3cb99f0bc3d75d95ae567bb657595b6160f6770029dea00233b21f4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
mein-babypaket.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://mein-babypaket.com/
Cookie
PHPSESSID=8a690b01628d2ffde6c9bf85aca6c51d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2019 15:00:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
202
Expires
Sat, 13 Apr 2019 12:49:47 GMT
babyprodukte.png
mein-babypaket.com/template/_media/assets/img/
441 KB
442 KB
Image
General
Full URL
https://mein-babypaket.com/template/_media/assets/img/babyprodukte.png
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
50ff6e8939a6ee93191bd7f4c783294e7ebee6df87d8e623fe687304138ff53a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
mein-babypaket.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://mein-babypaket.com/
Cookie
PHPSESSID=8a690b01628d2ffde6c9bf85aca6c51d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:47 GMT
Last-Modified
Tue, 09 Apr 2019 15:00:06 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
452013
Expires
Wed, 24 Apr 2019 12:49:47 GMT
script.js
zadcloud.com/
58 KB
58 KB
Script
General
Full URL
https://zadcloud.com/script.js
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.159.129 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
129.ip-54-38-159.eu
Software
nginx / PleskLin
Resource Hash
c52b75e53a6ea4f813b6664c66300f394c27e8a99c596aefd7260ebf5921f992

Request headers

Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 10 Apr 2019 12:47:46 GMT
etag
"5b7c1039-e7d5"
last-modified
Tue, 21 Aug 2018 13:14:33 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
59349
license.44.js
zadcloud.com/
3 KB
3 KB
Script
General
Full URL
https://zadcloud.com/license.44.js
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.159.129 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
129.ip-54-38-159.eu
Software
nginx / PleskLin
Resource Hash
0aeb7c1e4a2b811f56bcc0ff9e085b8ae149796737bafc24369e5ce11ec6989d

Request headers

Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 10 Apr 2019 12:47:46 GMT
etag
"5b7c1039-bfe"
last-modified
Tue, 21 Aug 2018 13:14:33 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3070
storage.js
zadcloud.com/
2 KB
2 KB
Script
General
Full URL
https://zadcloud.com/storage.js
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.159.129 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
129.ip-54-38-159.eu
Software
nginx / PleskLin
Resource Hash
f057ff6952c4ecfeba0107a9e50237b2059f72728c288bc3fb4b39048498e149

Request headers

Referer
https://mein-babypaket.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 10 Apr 2019 12:47:46 GMT
etag
"5b7c1039-8c2"
last-modified
Tue, 21 Aug 2018 13:14:33 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
2242
bg.png
mein-babypaket.com/template/_media/assets/css/template/_media/assets/img/
1 KB
1 KB
Image
General
Full URL
https://mein-babypaket.com/template/_media/assets/css/template/_media/assets/img/bg.png
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
709de75d791e5da47d4296c826643e21f97e2ce3b163282dfcfd10c9b8eeb27c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
mein-babypaket.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://mein-babypaket.com/template/_media/assets/css/custom.css
Cookie
PHPSESSID=8a690b01628d2ffde6c9bf85aca6c51d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://mein-babypaket.com/template/_media/assets/css/custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 10 Apr 2019 12:49:47 GMT
Last-Modified
Tue, 09 Apr 2019 15:00:06 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=999
Content-Length
1065
Expires
Wed, 24 Apr 2019 12:49:47 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,700,900
Origin
https://mein-babypaket.com

Response headers

date
Mon, 25 Mar 2019 20:20:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:03 GMT
server
sffe
age
1355376
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:11 GMT
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,700,900
Origin
https://mein-babypaket.com

Response headers

date
Mon, 25 Mar 2019 20:26:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:58 GMT
server
sffe
age
1355007
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11012
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:26:20 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: mein-babypaket.com
URL: https://mein-babypaket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,700,900
Origin
https://mein-babypaket.com

Response headers

date
Mon, 25 Mar 2019 20:19:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
1355415
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4357
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4551
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4547
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=10547
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=10025&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web
Domain
m.addthisedge.com
URL
https://m.addthisedge.com/live/boost/ra-53d00f7e5e7dca08/_ate.track.config_resp
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9204
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4548
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4549
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=4358
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9151
Domain
tr.rev-stripe.com
URL
https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_containertype=web&cs_esp=powerinbox_web&cs_offset=0&cs_stripeid=9155
Domain
track.fungiers.com
URL
https://track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25PUA0000V8100HIT1A9K405L1GWF0TPC1D9f06V10BKK05L1G00/?

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery number| lightbox_loaded number| coreg_min_questions function| initFormFields function| get_iframe_content function| initCoregs function| initCoregModal function| setCampaignValue function| getCampaignValue function| switchCampaign function| switchParentFunctionCampVal function| switchSponsorCategory function| setCampaign function| createLightbox function| checkCoregStatus function| setCookie function| getCookie object| jQuery11120821751421331131 function| loadScript string| base function| v7GG object| BetterJsPop function| E4vv function| geo_complete function| checkCampaigns

1 Cookies

Domain/Path Name / Value
mein-babypaket.com/ Name: PHPSESSID
Value: 8a690b01628d2ffde6c9bf85aca6c51d

4 Console Messages

Source Level URL
Text
console-api log URL: https://www.teaparty.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api error URL: https://campaigns.teaparty.org/assets/userevents/application.js(Line 1)
Message:
console-api error URL: https://campaigns.teaparty.org/assets/userevents/application.js(Line 1)
Message:
console-api error URL: https://campaigns.teaparty.org/assets/userevents/application.js(Line 1)
Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
api.pushnami.com
app.clickfunnels.com
branding.rs-stripe.com
campaigns.teaparty.org
connect.facebook.net
d26b395fwzu5fz.cloudfront.net
ectuerpartie.tk
fonts.googleapis.com
fonts.gstatic.com
hellofromhony.org
in.getclicky.com
m.addthisedge.com
mango.trkpre.com
maxcdn.bootstrapcdn.com
mein-babypaket.com
minently.com
now.daphnesik.icu
platform.twitter.com
s.ytimg.com
s7.addthis.com
securepubads.g.doubleclick.net
static-42andpark-com.s3-us-west-2.amazonaws.com
static-42andpark-com.s3.amazonaws.com
static.getclicky.com
staticxx.facebook.com
stats.g.doubleclick.net
tr.rev-stripe.com
track.addevent.com
track.fungiers.com
trk.vmwwtracking.com
up.trkgenius.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.teaparty.org
www.youtube.com
zadcloud.com
m.addthisedge.com
tr.rev-stripe.com
track.fungiers.com
107.6.174.196
109.234.39.160
143.204.101.100
143.204.101.65
143.204.98.220
172.217.18.2
176.123.9.53
185.3.41.66
198.143.165.220
198.145.13.14
2.23.104.167
205.147.93.131
209.197.3.15
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:ae28
2606:4700::6810:cc2
2606:4700::6810:dc2
2606:4700::6810:dd1d
2a00:1450:4001:806::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:818::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:821::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c0a::9a
2a00:1450:4016:807::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
31.170.100.125
31.170.100.126
34.251.68.15
52.218.128.134
52.218.201.137
52.27.161.170
52.30.81.218
54.38.159.129
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
0302062198f620bbad1f0c5bb411c1a2bf77b1221f13dbfd6e0d735a8f03daf5
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0734676e0ee7d4c3dd7f42a8573769a79b89ea657df3e8f8864c6ae035c27ed7
0aeb7c1e4a2b811f56bcc0ff9e085b8ae149796737bafc24369e5ce11ec6989d
0b0dcd8bc8579c3d7ed993cf29aa4c84d46685d707a74cb2f8456b0a4db50cb7
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112598aec18a565ba20e3b8e98effb939ac9a44b2030966dc54de7167d16cb7c
16de38d22e3f5fc336e40b41fa1fe872224f3cd43e664683fcaf286bc3e82235
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1c7f09a9c94afc0a7633f788c0bd7620aa6bf33c902b3452cbadd6a3a0152325
1cf50381e3cb99f0bc3d75d95ae567bb657595b6160f6770029dea00233b21f4
1e5be85ea09e74c49b5d4833b08ed3f94bac45011135734120a75baf512c594d
227c55c1a9f7d64807fb7b85da574d27e8e297ce2f109d5c3a2459c51603526a
261ab6bc4fede6ce28807f9ee8e7b0997f232428bd899f1de60e33191037d4fd
2854d1a7a60eaaf973f850aa7303ac2705a26f92011281ac9b41b684796ed5c3
2a0842f3311263f7d820d9300a2874d28faa2d4e4fc87a00306c453d316fba98
2c3addddfc6143973b34342cbe6635f0a46818d088d08abbd77bbd1477113e1c
2e6d7765988a82de04c32036cd1ac72b596dcba8c6dbb0e673e8ffcfce9341d8
2eb677641caf412c077356f6355bc5d3bbfc6380ba9f835e07e1f182cf04c356
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f55eecdb048ac1246ffa57316474b098aa470a3eccbaa0b11a33af918f15bb8
30f732659266c40ba78d7b0ca00d5e9fb5514a8eceb5a93a9c4f71d2d3518eac
32fe96cfa3a9f406d692ea1a3843913667053d186916604fd1b15c3049750841
3ca3e467b7d4d6b403aa4619019d9250b11449c8ee9c91c90bcbc9acdd64fea2
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f07319253382569f596a9d1b1b08b69b6ceabead13cec3f903f07047bc7add4
43001733235888c4a12ee8147a20fb01643d6be427b730fc021e0b04a111abf6
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4d69fb19a4d8ec51f92e20c0c6f682c41316545595166bb040736b143b001d5a
4e313d3a35d56857de57058e3f0417533c54d66a4847c72638d4f82f7f524803
4eef3a224a3b6dbebd9f301ae36d3738912038740f16e377075f7d65210777df
50dc85c34ee90310850b08a9846d30ce1ad1aa843e7fb06808574f650dff68cd
50ff6e8939a6ee93191bd7f4c783294e7ebee6df87d8e623fe687304138ff53a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8
5c32339f2b53b94685c47decc940ccfb07e6dab530e38713d409cedc8a44470d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
63043180f65203c54dcc9c0f283788ad78fe291209b96dcd2367bc3420cbadc3
6bb768e37256dc6ef97a1474cf80481a03090308c247ede2255c2cb704e95e63
6d32bfb24381e7f3dcdaf400e5e1c6dbfb70b09a271e475743f8f9c1d13cf042
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6e9277dad142d8ccd1fa7de77c1736f12235737db2c8abaf45fc76a9e80490a0
701320ad0e56e545c115bffe4bba636e0979d20cec4f2e7f2036af15cb9cefd4
709de75d791e5da47d4296c826643e21f97e2ce3b163282dfcfd10c9b8eeb27c
711be9eae8b0f5f74799bdb32d514904b0926e74961bfddc70a0911bd383c5c0
73535f34f06d7a3979b08a169f4bf0cbdb55089dfc3515a0761bf4d7d02b6d24
787932f10fba4dd5e31a27057d538d7bd7cbf7836311b4fb9ec234a2839122d3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
7fd1d271d229741cbc5e2630483f9926c398cb76c343090232cdf8560a7a5968
810399a59de3d8605cd7822be23f95793bcaaac487f16174d4e29a37b6cbe77f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842bb8073670b72e2a266690324e47f9ac2316fa49bb4405b052c384e193d9fa
854d677b850907cd851eac7e3f02f05a1e056f05bd5563199c5d93044ff16840
86bff290c65ba257fe76fdf1b17fe8cb104b386fd6733f7cea38a3c92bb384d6
8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75
8cb62874250c2fe9ab6da9a15aa3ebd9f9c18149fce3e30cc18c8c704c0e5c58
9202e1a4dcd79aaefa17d6945e3e95e1e827081cd6e0449816a3a6c22772d2a0
94ad9853f9f34959d715a372a763378a63c2f60b3416d3cfcdcf4618df37f09a
97c6d8dc5b926a5ffef6a8d861fff2e59edf798799b83d37950cd11b6560445e
97fe7b6c82efcdb3e6ad524fd4e85f82bdc048d4dccaf642d597967c0b0bb9c4
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
a9364847832364dc12174d40cd5b3074be46c3a4f17ba7f28fd3207640065746
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a
af86e04267ed8cabf08af1f78e2f83a370f09b68e3b884c1bd996b4139131a5e
b2810c25d2c5bb556a47609c0869ddc92d7df222eb58b5260bacd8ab798569ee
b8f5690795c94dbda993b45502887298c1e0fcb304d0740bdb78445812e879d4
bb5608a893aec2a0508df7d4433990f7e8e413873c081e503397622fecb33853
bbdd54fc29479aa22c3a6622a9259e560702c3fc66835578dab936308611fbc7
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c369d7f71ddeac7e19c0d0e33f1fc6263467b693bfb84cbb336f0977119247e5
c499a934a3a4111346993c847d1b0ecd309295fb2d3f0e57b9d44ecaac732e17
c52b75e53a6ea4f813b6664c66300f394c27e8a99c596aefd7260ebf5921f992
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555
cb1d8981cdd6614ba3bea139efa8cea96c41f10684c165259ad0843b4d0bc90e
cfac49bec33974b027f5e08c4a7e40a76dca5d3d855b5d260c6eb2e9bdd67e9e
d36bfaa5303a852966e6cb9f5d932b7e1a133856464a6d3552822d529cc33dd1
d97e98ad8364d255edf3b02e6c62a5484ee46a76e95806ac284b8f72d47935f1
db557ccea13c20360f029644b3c175a86cd6ffbc361e4b9393921ff7384271b9
db6cd59c42c777b02410dca9f0a28e5d02cc4fb4fad189645bb2398941c4ce59
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
debda053221dfc71da7827c79c0bb30ea79a8509d58b2fd862efd086c2b7a20f
e11ca23f7061b98c093a671a87e2ac4094540570cfdc2d3d84bd3a06f766a013
e14dee1db7f8ce563e1560e4c71e47bf5329247aac33363fc076784a4864f798
e1acec464dad1ad8fb5c4d51e7c6ab0f21a5c77eddcb60792c23b8e6dc212bd5
e59731a05ac4ea5c4df6a4a3b36107d9ec13c08bb59857fd6b71868f1e8f0115
e7f8846c97890489c47275abcac54342e7f44b46f8cad5ff204d2b1bdd8d09cf
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
eaf0fdaf39995776ab355a621c66e0ba2da52f8f3a55b1b859eeb8eab2ca644b
f057ff6952c4ecfeba0107a9e50237b2059f72728c288bc3fb4b39048498e149
f0d8fc1cc14db8f9ebd14638b0530030bb3c7d1dab71f5e0ec558a6594658cd4
f2b3d9d5dccf58c441685fd0a293481334f22c379007e4c97867558a27b6be61
f686675793866e5deef717f06df0a8f168c72a226f9b32fea58cc2b08858b3bd
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fae244ce24caf95c958502ccb0a8c15b845d059ddaa93b2e549f5b9e4cee6817
fb7ac2d8a617b999fcb98f08f3792b803181437f8f3879a5e5f4379cde8ad44e