Submitted URL: http://email.weecare.co/c/eJyVUl1vmzAU_TXwgojAEDs88NCEtYvadZvSJF1ekDEXcGMwsx3S7NfPZGqLpr1MutKFc4_v17mMtj3ldefMlwoY7zl0Ji...
Effective URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email...
Submission: On November 17 via manual from US — Scanned from DE

Summary

This website contacted 28 IPs in 4 countries across 22 domains to perform 64 HTTP transactions. The main IP is 184.169.220.6, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is weecare.co. The Cisco Umbrella rank of the primary domain is 391595.
TLS certificate: Issued by Amazon on July 1st 2022. Valid for: a year.
This is the only time weecare.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.86.85.56 396982 (GOOGLE-CL...)
5 184.169.220.6 16509 (AMAZON-02)
9 18.66.115.169 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2a04:4e42:200... 54113 (FASTLY)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.163.112.23 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.76 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.43.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
64 28
Apex Domain
Subdomains
Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 94
800 KB
9 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1331
68 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
71 KB
6 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 304
jnn-pa.googleapis.com — Cisco Umbrella Rank: 261
fonts.googleapis.com — Cisco Umbrella Rank: 43
37 KB
6 weecare.co
email.weecare.co — Cisco Umbrella Rank: 539745
weecare.co — Cisco Umbrella Rank: 391595
890 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
www.linkedin.com — Cisco Umbrella Rank: 576
px4.ads.linkedin.com — Cisco Umbrella Rank: 6256
4 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
static.doubleclick.net — Cisco Umbrella Rank: 309
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
2 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
132 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
58 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
203 B
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1409
378 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
2 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4191
57 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 790
5 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 201
84 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5922
501 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 950
170 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 716
5 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 115
15 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
3 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
33 KB
64 22
Domain Requested by
9 www.youtube.com weecare.co
www.youtube.com
9 cdn.segment.com weecare.co
cdn.segment.com
5 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
5 weecare.co weecare.co
4 jnn-pa.googleapis.com www.youtube.com
3 connect.facebook.net cdn.segment.com
connect.facebook.net
3 cdn.jsdelivr.net weecare.co
2 www.facebook.com weecare.co
2 px.ads.linkedin.com 2 redirects
2 cdn.linkedin.oribi.io snap.licdn.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 www.google-analytics.com cdn.segment.com
www.google-analytics.com
2 browser.sentry-cdn.com cdn.segment.com
2 www.google.com www.youtube.com
weecare.co
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 unpkg.com 1 redirects weecare.co
1 cdnjs.cloudflare.com weecare.co
1 fonts.googleapis.com ajax.googleapis.com
1 www.google.de weecare.co
1 stats.g.doubleclick.net browser.sentry-cdn.com
1 px4.ads.linkedin.com weecare.co
1 www.linkedin.com 1 redirects
1 api.segment.io cdn.segment.com
1 snap.licdn.com cdn.segment.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 ajax.googleapis.com weecare.co
1 code.jquery.com weecare.co
1 email.weecare.co 1 redirects
64 30

This site contains links to these domains. Also see Links.

Domain
meetings.hubspot.com
www.wrike.com
childcare.gov
www.facebook.com
twitter.com
linkedin.com
Subject Issuer Validity Valid
weecare.co
Amazon
2022-07-01 -
2023-07-30
a year crt.sh
*.segment.com
Amazon
2022-01-12 -
2023-02-10
a year crt.sh
*.google.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
edgestatic.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-08-27 -
2022-11-25
3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-09-28 -
2023-10-30
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.segment.io
Amazon
2022-02-10 -
2023-03-11
a year crt.sh
linkedin.oribi.io
Amazon
2022-07-07 -
2023-08-06
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
www.google.de
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh

This page contains 3 frames:

Primary Page: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Frame ID: F271D0D5C93DBD9662355F9596AF2EFE
Requests: 40 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RJqKvNI2mwM
Frame ID: 9D3D7467D01761943E295D37B841B49E
Requests: 21 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E75A122183DE5813A7BD7721B4CEB8CD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

How Organizations Can Get Started with Childcare Benefits

Page URL History Show full URLs

  1. http://email.weecare.co/c/eJyVUl1vmzAU_TXwgojAEDs88NCEtYvadZvSJF1ekDEXcGMwsx3S7NfPZGqLpr1MutKFc4_v17... HTTP 302
    https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gm... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

64
Requests

95 %
HTTPS

79 %
IPv6

22
Domains

30
Subdomains

28
IPs

4
Countries

2295 kB
Transfer

5594 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.weecare.co/c/eJyVUl1vmzAU_TXwgojAEDs88NCEtYvadZvSJF1ekDEXcGMwsx3S7NfPZGqLpr1MutKFc4_v17mMtj3ldefMlwoY7zl0Ji9lS7mFsvQM2oDqqNZgZky2LqQhxgsSoDkJ3DKdL6qYuOwjyUAVp4bL6-uV7IySwuUpChAKw5CEGCVRMCNViRHCCSFQYYgWThycARhVYIu4TVoFNK4qFpCSoACjcB4BxSiKFxEqKUqwq1IqKgXlrLV9jo__alOkjTG9dqIbB91a-8hufwoha-t6qY22HtpeyAuAzxouypHmF9BBxY32wyD0G3n2jfRrML42VBkox5zR7cm0uZYnxcCJstpuTDgIj2ALJT-1FoQJ-L6jKJMno4CyxkYGUDLnpQV7JUs_jEgSo_gtwGQ32NBu831D7k6R_9R8Ogb1Vizvtxeht_Lm4OM7sWmb3edKD_fPcbdp68UDUoQ_yddvyeEXexDrR7xcPylRKha83n7NfqL6bpsc6keW73bP633Ghh9ZWDQ78TI_5lMt9al4AWauSjbAjryrPd55tLADeO_L8iqpvP0fAbybUQHvC-1oDa09Je9tuXqa-O1znNwmT5J5QPCUYJcxVs472sLI2AOsbCkHrbx1x2ZTqrn0V8oSGjpwKwcV0_BVgvw_JnHI0hoMtvnxknraXa5t2MDKq6gQBWVHe1eeg8jFlrPOIZm1f49qRpQaeB_FNWkxadWko9K_AUSEMUE HTTP 302
    https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://unpkg.com/aos@next/dist/aos.js HTTP 302
  • https://unpkg.com/aos@3.0.0-beta.6/dist/aos.js
Request Chain 25
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 52
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2811684&time=1668707493125&url=https%3A%2F%2Fweecare.co%2Fblog%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F%3Futm_source%3Dgmail%26utm_medium%3Demail%26utm_campaign%3Doutreach%26vero_id%3Dprod-1379424%26vero_conv%3DVSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_ HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2811684%26time%3D1668707493125%26url%3Dhttps%253A%252F%252Fweecare.co%252Fblog%252Fposts%252Femployee-childcare-benefits-101-how-to-get-started%252F%253Futm_source%253Dgmail%2526utm_medium%253Demail%2526utm_campaign%253Doutreach%2526vero_id%253Dprod-1379424%2526vero_conv%253DVSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2811684&time=1668707493125&url=https%3A%2F%2Fweecare.co%2Fblog%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F%3Futm_source%3Dgmail%26utm_medium%3Demail%26utm_campaign%3Doutreach%26vero_id%3Dprod-1379424%26vero_conv%3DVSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2811684&time=1668707493125&url=https%3A%2F%2Fweecare.co%2Fblog%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F%3Futm_source%3Dgmail%26utm_medium%3Demail%26utm_campaign%3Doutreach%26vero_id%3Dprod-1379424%26vero_conv%3DVSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_&liSync=true&e_ipv6=AQIpgUdJoDxX6wAAAYSGt6ajZqHNUdOI1faQyBhrc_CVtnu8-WB-PX38SXr6X3rgw3Xcl0rpe6gtCw

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/
Redirect Chain
  • http://email.weecare.co/c/eJyVUl1vmzAU_TXwgojAEDs88NCEtYvadZvSJF1ekDEXcGMwsx3S7NfPZGqLpr1MutKFc4_v17mMtj3ldefMlwoY7zl0Ji9lS7mFsvQM2oDqqNZgZky2LqQhxgsSoDkJ3DKdL6qYuOwjyUAVp4bL6-uV7IySwuUpChAKw5CEGCV...
  • https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-...
362 KB
70 KB
Document
General
Full URL
https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.169.220.6 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-220-6.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bb60d8e7cdf8c94351ba4c094487ff9f9db4c5b11fd27a01bf8991122a491c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
71404
content-type
text/html
date
Thu, 17 Nov 2022 17:51:31 GMT
etag
"3be274df80f3dabeb3312977caf73661"
last-modified
Mon, 14 Nov 2022 20:46:54 GMT
server
AmazonS3
x-amz-id-2
XLp/GJQ5GSKLBQHx0MIZ2iu2KpdTbeIilVq8BYfpbtFZSBwoW4vFfBg5mJBpTqO8Tk728S4n5a0=
x-amz-meta-md5chksum
3be274df80f3dabeb3312977caf73661
x-amz-request-id
Y13433NTGDBZ0QTM

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store
Content-Length
936
Content-Type
text/html
Date
Thu, 17 Nov 2022 17:51:31 GMT
Location
https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
X-Robots-Tag
noindex
X-Xss-Protection
1; mode=block
analytics.min.js
cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/
100 KB
27 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/analytics.min.js
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6fab707875797392799a347bd4b3aeb609f3044ad8bbb0caba0a593cb74a657

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
1a1kLxI.1KNUs1qfbBs013Pai_jqcdHx
content-encoding
br
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
date
Thu, 17 Nov 2022 17:51:32 GMT
x-amz-cf-pop
FRA56-P5
age
98
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 20 Oct 2022 19:34:12 GMT
server
AmazonS3
etag
W/"7cb26a02632823dcf1fda24cb022f267"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
BXj1fNEzmg3AB7sKnU8Uu_P2cfmeO_AbexPDPYM5qjawoyQSC50Z5g==
weecare_logo_and_wordmark_black.svg
weecare.co/blog/images/
18 KB
8 KB
Image
General
Full URL
https://weecare.co/blog/images/weecare_logo_and_wordmark_black.svg
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.169.220.6 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-220-6.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
ce1d7d335d4181a57608a71b46435d7c78fbcdf3d7ced961bbe2739b2ea692cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 00:58:59 GMT
server
AmazonS3
x-amz-request-id
DW4JHE3JQ29EWAPT
etag
"43ed3391e332dcc97e9360ce8f3c0a65"
content-type
image/svg+xml
cache-control
max-age=31536000, no-transform, public
content-length
7410
x-amz-id-2
fEcau5kaRu3V9VIXyv9WiDzM82T6h3vSPIFkp2ejriT0XbjjEnqlJPdb9wI1gtEOJUpURzfrs6Q=
silly-toddler-with-money-and-piggy_hu9339f0e0203a8292e98c62a399d060e1_4589421_2cb674603cde0dc6e01552824d7e012c.webp
weecare.co/blog/uploads/
75 KB
76 KB
Image
General
Full URL
https://weecare.co/blog/uploads/silly-toddler-with-money-and-piggy_hu9339f0e0203a8292e98c62a399d060e1_4589421_2cb674603cde0dc6e01552824d7e012c.webp
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.169.220.6 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-220-6.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
83c8b109fde651f82e3589f2c265de4ee9a332d6d844d2d4be95a8a36f48620e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
last-modified
Thu, 04 Aug 2022 23:17:43 GMT
server
AmazonS3
x-amz-request-id
DW4MJ54QTFWNXD3J
etag
"bd779b3b5affea7d8d098725bf5823a1"
content-type
image/webp
cache-control
max-age=31536000, no-transform, public
x-amz-meta-md5chksum
bd779b3b5affea7d8d098725bf5823a1
content-length
76982
x-amz-id-2
FJgZWFcsNnNN5dhLW8Qjd6skqNkq8ZO4oc+zYEZF1sficLXDwz+95E+REDfpn0dgf1AbAXjTZDs=
icon-weecare-heart_huc5ccae95d3ebd1d52a3660a77786fa4c_27228_d9a8b41fc1ba00e59228cab97ded5350.webp
weecare.co/blog/images/
1 KB
2 KB
Image
General
Full URL
https://weecare.co/blog/images/icon-weecare-heart_huc5ccae95d3ebd1d52a3660a77786fa4c_27228_d9a8b41fc1ba00e59228cab97ded5350.webp
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.169.220.6 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-220-6.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
349a560ab662b93dd7df34f8631e501c0c184678f8fdf4f967609ba8cddf51a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
last-modified
Wed, 27 Jul 2022 21:39:23 GMT
server
AmazonS3
x-amz-request-id
DW4JKNW7E56B5F8X
etag
"be6792dea28c727d02d1ee084081d506"
content-type
image/webp
cache-control
max-age=31536000, no-transform, public
x-amz-meta-md5chksum
be6792dea28c727d02d1ee084081d506
content-length
1254
x-amz-id-2
9KYGfhR5odRC1mIaW376rXM27JEnrUSK/wEAuRHWGC/kG91nXtQIrs2mfwJtZT00LuSMMV4WSiU=
cute-baby-with-teddy_hub581cde5a9c79e665b84d4e48cd9c9ea_4234322_3864x2576_resize_q90_h2_box.webp
weecare.co/blog/uploads/
733 KB
734 KB
Image
General
Full URL
https://weecare.co/blog/uploads/cute-baby-with-teddy_hub581cde5a9c79e665b84d4e48cd9c9ea_4234322_3864x2576_resize_q90_h2_box.webp
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.169.220.6 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-220-6.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
929365eef6f35cc4d88a59fa0432d708f1200b4396ed8294480ac181bbae178b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
last-modified
Thu, 04 Aug 2022 23:17:43 GMT
server
AmazonS3
x-amz-request-id
DW4MYB3TRZJS2G78
etag
"a1cc79d14a8922978aa8a6e2c3ab6e58"
content-type
image/webp
cache-control
max-age=31536000, no-transform, public
x-amz-meta-md5chksum
a1cc79d14a8922978aa8a6e2c3ab6e58
content-length
750914
x-amz-id-2
bkaKusaE7QPmHsEza2JJAYsoKwasIOF7/nDE5KbaY/4jX5EspjA1PyZjmR39R+fNFYI2ypjYwSs=
RJqKvNI2mwM
www.youtube.com/embed/ Frame 9D3D
68 KB
28 KB
Document
General
Full URL
https://www.youtube.com/embed/RJqKvNI2mwM
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d459896507d9f2ca4b4896c225c4c1e29079167a62a6bfae2c08ee980deac43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weecare.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 17:51:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
jquery-1.12.4.min.js
code.jquery.com/
95 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://weecare.co/
Origin
https://weecare.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-17b8b"
vary
Accept-Encoding
x-hw
1668707492.dop124.fr8.t,1668707492.cds103.fr8.hn,1668707492.cds167.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
swiper-bundle.min.js
cdn.jsdelivr.net/npm/swiper@8/
140 KB
40 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.js
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27250
x-jsd-version
8.4.4
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19151-FRA, cache-yyz4548-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2310e-YgoXHzBgFVHspCsWstmF72fEP1g"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPd6Xm0VzDe8eGU9TkxYmHy%2FOTx94VkjfpJrFsF5mMdNyjoz9fNUEwDVo79oy2w5qmPP4W3fYUj4%2FzFZdwVxVIARdGNpOxhZ63vJ8PeD8x7i40bfNwb5TAEqJvrdyZ%2B0ox6e4RqmsB0Tph9czeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76ba50a37d109b8c-FRA
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/js/
50 KB
15 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/js/bootstrap.min.js
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://weecare.co/
Origin
https://weecare.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20852978
x-jsd-version
4.1.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"c75f-J6cbADg9Ye88SJMms1ZNaY/BInw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ym%2BoXDPWVOCUWYgRJCsRx08xPfUdNrDFu%2F5yr1CTUhCXC5G2WzrT2Hes2IeQv6V1QfdxxN5JYLYDvZ9K5%2BMJ19KSrIALY7WuAPsDjO5XKctNBBRkiE%2BLgj6W0ULVpGW9gyIItWZSkXgAjgfM%2BAU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
76ba50a37f7d5c14-FRA
aos.js
unpkg.com/aos@3.0.0-beta.6/dist/
Redirect Chain
  • https://unpkg.com/aos@next/dist/aos.js
  • https://unpkg.com/aos@3.0.0-beta.6/dist/aos.js
13 KB
5 KB
Script
General
Full URL
https://unpkg.com/aos@3.0.0-beta.6/dist/aos.js
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1f9acf13b12f189da475e0f23c7c505767859ab620aac636964974093c281d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
22957239
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FWQ5SQX749GFZVZ3J687ZBXX-fra
server
cloudflare
etag
W/"35e8-44lQwbzmXp8EjjBbNWf/kKDJI+M"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ba50a3cfc99a2f-FRA

Redirect headers

date
Thu, 17 Nov 2022 17:51:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GJ3B30TRKF7F261K5BBYPDCM-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
401
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/aos@3.0.0-beta.6/dist/aos.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
76ba50a38f459a2f-FRA
rellax.min.js
cdn.jsdelivr.net/gh/dixonandmoe/rellax@master/
7 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/dixonandmoe/rellax@master/rellax.min.js
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb17fd6899c7a1c9e6ae282ada120324605202725d179347f8ea1ee49d8f1e22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29193
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19165-FRA, cache-mia11375-MIA
x-jsd-version-type
branch
server
cloudflare
etag
W/"1b78-2puV9gXjrtjKT9dQ2O+aic40igc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDlKOWYeXljG%2BoCRVNW9H6l5rsoenDKeIZRIGncc1LsBzWu1CAF7OddqpYG64MNDBjpZ8%2FAP5oqOQD2b1n4K9AUqNGqvILvgKADrsoJvrdS5d5FUv5IiG3QSqKHl4EI%2F0Da4%2FtMSngfGTNfgGLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76ba50a37d169b8c-FRA
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 17:50:56 GMT
settings
cdn.segment.com/v1/projects/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/
3 KB
2 KB
XHR
General
Full URL
https://cdn.segment.com/v1/projects/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b397c82f7f6f0f1214c4ed7461867cfdc181a0f79142cad557f416d019d89534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
m_syNKOwdpHNIJpmpOdri9pDJSIjSIsr
content-encoding
br
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
date
Thu, 17 Nov 2022 16:18:08 GMT
x-amz-cf-pop
FRA56-P5
age
5605
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 02 Sep 2022 22:11:25 GMT
server
AmazonS3
etag
W/"2b18536405c67a31d45dc5d599a3018e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
1szbOEoMnu4MmTan1yVZLr6hDFD8JBtnag3dOSy1PAQAbC2bJU7AtA==
www-player.css
www.youtube.com/s/player/6870f412/ Frame 9D3D
359 KB
49 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/6870f412/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RJqKvNI2mwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a81c441e488822e3b9386082cb57e92ac5b857757b485b9afbc87e0aad2d9415
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RJqKvNI2mwM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
93546
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49763
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Nov 2023 15:52:26 GMT
www-embed-player.js
www.youtube.com/s/player/6870f412/www-embed-player.vflset/ Frame 9D3D
310 KB
96 KB
Script
General
Full URL
https://www.youtube.com/s/player/6870f412/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RJqKvNI2mwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
025da3189553cc8c7431fee69149291ee5154cdbc0b260192a405f9a761eaf04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RJqKvNI2mwM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:52:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
93538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98466
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Nov 2023 15:52:34 GMT
base.js
www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/ Frame 9D3D
2 MB
579 KB
Script
General
Full URL
https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RJqKvNI2mwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
143044b70e8dea408c020786c55869f28b9f0bc89df6a935518d5003769197fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RJqKvNI2mwM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:53:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
93477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
592176
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Nov 2023 15:53:35 GMT
fetch-polyfill.js
www.youtube.com/s/player/6870f412/fetch-polyfill.vflset/ Frame 9D3D
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/6870f412/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RJqKvNI2mwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RJqKvNI2mwM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:52:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
93538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Nov 2023 15:52:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9D3D
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RJqKvNI2mwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 19:21:27 GMT
x-content-type-options
nosniff
age
167405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 19:21:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9D3D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RJqKvNI2mwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 18:59:48 GMT
x-content-type-options
nosniff
age
168704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Nov 2023 18:59:48 GMT
ajs-destination.bundle.69f445038fee7a77bb89.js
cdn.segment.com/analytics-next/bundles/
8 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.69f445038fee7a77bb89.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a856c49200096e83ed1a3612d4b4fcb1961a1f66f1a5f78c19bb71e31b98d221

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:24:28 GMT
x-amz-version-id
WI8pOKlyfV9AXZHeowi3JyqzAgSQbg4.
content-encoding
br
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1960025
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 25 Oct 2022 18:25:15 GMT
server
AmazonS3
etag
W/"a92b4438941110932485ba4d769e9fcf"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
uhvqBAW7aTqSrANZ8LxkJLA7sodVX0SZq0xPBk0RUnwaV5VhD9G25w==
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 02:10:35 GMT
x-amz-version-id
PLd.pUpm7LMRbNOoL15lZ8ocuYHxqnzt
content-encoding
br
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1093258
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sat, 05 Nov 2022 01:03:42 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
LOJZoE12CNvZkeEUR1WJam7hluCodj2swLLCCjJVsGzHGcE3e2Ibfg==
google-analytics.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/
16 KB
5 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:26:49 GMT
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-version-id
93Sj1E.cRs_JOVEMHMClfQYLj8ysGAbV
x-amz-cf-pop
FRA56-P5
age
887084
x-cache
Hit from cloudfront
content-length
4743
last-modified
Mon, 24 Oct 2022 18:48:00 GMT
server
AmazonS3
etag
"36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
uM-x--ZXsbYTmW3r0_weW_jHAEOVpwOhXA2FkfbZS9uKgC2OHAOUkA==
facebook-pixel.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.4/
10 KB
4 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.4/facebook-pixel.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
782a8288e0ccc0edfc1a2d83961a8d6ee5a908246c25aa01c5eae7a681584495

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 12:47:02 GMT
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-version-id
RTxiycDerKdpoyALA__FPwQKxkLdwn1E
x-amz-cf-pop
FRA56-P5
age
536671
x-cache
Hit from cloudfront
content-length
3269
last-modified
Mon, 24 Oct 2022 18:48:00 GMT
server
AmazonS3
etag
"a6a51bf375940b6b8b8dc17bad7c100d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
nCVVgdmTxplU90lVbTeYfNlxFh5K5lNvu4zxU6v1q87Zd8n7hmSR_g==
sentry.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/sentry/3.0.1/
4 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/sentry/3.0.1/sentry.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb918e4772434c8678a69a4d9c1683e0ccf4bc2498f5240d1465b8287d2387cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 05:36:06 GMT
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-version-id
5bNum2ops_RpUQWE_bP7Ci0RrOJq1fgB
x-amz-cf-pop
FRA56-P5
age
994527
x-cache
Hit from cloudfront
content-length
1635
last-modified
Mon, 24 Oct 2022 18:48:00 GMT
server
AmazonS3
etag
"ddd169ee2d3b58407ac01df09d8dbdc7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
SeqfosFeAqq_Ix-ey-xH4Nxy7Zfp8nPWg1XQcHzZOOMlzvb4NAHJcw==
linkedin-insight-tag.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/
2 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 08:53:27 GMT
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-version-id
FMY8BWawEYdUKyos6WMQbV7a6Ro2PnOl
x-amz-cf-pop
FRA56-P5
age
723486
x-cache
Hit from cloudfront
content-length
1061
last-modified
Mon, 24 Oct 2022 18:48:00 GMT
server
AmazonS3
etag
"9fb524ce2b800e7ddc8a15d53c31c3d1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
BsAcPpjbGBCaaoZzok_lju6_Pu1yq7BrkCKzIVfiiba6W6rUBehWMg==
id
googleads.g.doubleclick.net/pagead/ Frame 9D3D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
145 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RJqKvNI2mwM
Protocol
H3
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c466c62a5c8e71d6de4a33e2d72b1554f94df7861842d8463d9f45a2a13a9562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Nov 2022 17:51:32 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 9D3D
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:50:09 GMT
x-content-type-options
nosniff
age
83
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Nov 2022 18:05:09 GMT
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/
73 KB
22 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:27:32 GMT
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-version-id
t.HHEvUZUgxzLKa1tzzXBbRzWu6jUMd.
x-amz-cf-pop
FRA56-P5
age
620640
x-cache
Hit from cloudfront
content-length
22177
last-modified
Mon, 24 Oct 2022 18:47:58 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
uKQ2tFzw5DFyLVJXL-8XX8jw5sqn6y8Vl4G3n9bQWV2VeuaWvM1S1A==
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 17 Nov 2022 17:51:32 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9D3D
66 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d81cb8f9c29d3a31c61cb7ad4e180929bf60fd9234525ae9a02da7b45719697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30936
x-xss-protection
0
remote.js
www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/ Frame 9D3D
119 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
897f979133e001c87fcaca3ae00aa8410a991c85df6cc489b51d032fbbb36ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RJqKvNI2mwM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:53:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
93468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37233
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Nov 2023 15:53:44 GMT
98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js
www.google.com/js/th/ Frame 9D3D
36 KB
15 KB
Script
General
Full URL
https://www.google.com/js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c799d52bd02a772b232feec51bf5a52bdb992199e74115db81377aeb7fb36a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 11:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
539723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14262
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 11:56:09 GMT
embed.js
www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/ Frame 9D3D
26 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24191d39422869585aa969dd369a12a9340eaa7ec3b86006aee19cca4968bf27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RJqKvNI2mwM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
93444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8296
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Nov 2023 15:54:08 GMT
truncated
/ Frame 9D3D
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu9TmyEaEeWxwGLBQpzSPduQwFsDc4ZGtcxGtoAS=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9D3D
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AMLnZu9TmyEaEeWxwGLBQpzSPduQwFsDc4ZGtcxGtoAS=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RJqKvNI2mwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
df7aa22d23c6b9ca1143abd9b265a438fcd9b4d12d51dec93d569cad43e00290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:45:17 GMT
x-content-type-options
nosniff
age
3975
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2984
x-xss-protection
0
server
fife
etag
"v40"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 18 Nov 2022 16:45:17 GMT
sddefault.webp
i.ytimg.com/vi_webp/RJqKvNI2mwM/ Frame 9D3D
15 KB
15 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/RJqKvNI2mwM/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RJqKvNI2mwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d0acd142d7f8a9286932780a000e029d8d15ee80a0edd55d9d30149580576e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
x-content-type-options
nosniff
server
sffe
etag
"1651188599"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14918
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 17 Nov 2022 19:51:32 GMT
fbevents.js
connect.facebook.net/en_US/
103 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 17 Nov 2022 17:51:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
fTIQANu4aYsrq+1QFhp0C/lmNaqT38o62Bmztcd8qynkRCpN3MCX+WjXGj4bt0oWhfcrRRFyJSzQJley7ERz4w==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bundle.min.js
browser.sentry-cdn.com/5.12.1/
55 KB
55 KB
Script
General
Full URL
https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://weecare.co/
Origin
https://weecare.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 04 Feb 2020 11:19:05 GMT
server
Fastly
age
19567071
etag
W/"1c5228c89d281d08aa0ce908f582609a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-guploader-response-body-transformations
gunzipped
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
56268
expires
Wed, 05 Apr 2023 06:33:41 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e03c212b80d927c7967abd13c2e5e9ac0dcbc656c91fb72cfc7dc80a1245188d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:33 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 08:18:09 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=52036
accept-ranges
bytes
content-length
4626
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 17:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2138
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 17 Nov 2022 19:15:54 GMT
p
api.segment.io/v1/
21 B
170 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Qd0Rc66bRb2rXgv07nbVbbxb1k6VuyCd/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.112.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-112-23.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://weecare.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://weecare.co
date
Thu, 17 Nov 2022 17:51:33 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9D3D
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Nov 2022 17:51:32 GMT
generate_204
www.youtube.com/ Frame 9D3D
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?gxNBOw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RJqKvNI2mwM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RJqKvNI2mwM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9D3D
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3249621bee752f310f45d1914d013d3bf7305b4ff908ed4aae691c6d692041a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 17 Nov 2022 17:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 17 Nov 2022 17:51:33 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/107/ Frame 9D3D
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/107/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:03:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 18 Nov 2022 14:30:37 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1357634893&t=pageview&_s=1&dl=..%2F..%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F%3Futm_source%3Dgmail%26utm_medium%3Demail%26utm_campaign%3Doutreach%26vero_id%3Dprod-1379424%26vero_conv%3DVSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_&dp=%2Fblog%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F&ul=en-us&de=UTF-8&dt=How%20Organizations%20Can%20Get%20Started%20with%20Childcare%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACgCIAB~&jid=259754194&gjid=1673918072&cid=1218616642.1668707493&tid=UA-101398532-1&_gid=1055984207.1668707493&_r=1&_slc=1&z=607706136
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://weecare.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 17:51:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://weecare.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rewriteframes.min.js
browser.sentry-cdn.com/5.12.1/
5 KB
2 KB
Script
General
Full URL
https://browser.sentry-cdn.com/5.12.1/rewriteframes.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
93a1f3263e3c883f998ff8f4a3fd8afc3066f33daf90248b89e2bb01cd2003f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://weecare.co/
Origin
https://weecare.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 04 Feb 2020 11:19:05 GMT
server
Fastly
age
5724922
etag
"4e240097ab71acf709caa48e23cd6411"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1807
expires
Tue, 12 Sep 2023 11:36:11 GMT
identity.js
connect.facebook.net/signals/plugins/
64 KB
20 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 17 Nov 2022 17:51:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4GCbP/BiT5kUnyfoaj3V3oAA8ZKEeB4VJYdbx00qZmcjSBF7ZQ0VH44Tp++6e/tkrmD0lj3s+b8dlgvKFJTCUg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1201045656707111
connect.facebook.net/signals/config/
294 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1201045656707111?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70a07dddd40bfb45830ac7af44a2829b2d8175ef6e1f84fd9b32d29fcf8fcb14
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 17 Nov 2022 17:51:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
lhfECKeLoe+r77rHfEmycZG3q0zKmbP1di2nhG7rVg5XGh3ffrVwLMxe+jxTdRu7fZ2Iqt8MexneVbz4Dr+OFA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/2811684/domain/weecare.co/
36 B
378 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/2811684/domain/weecare.co/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://weecare.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Nov 2022 13:25:12 GMT
content-encoding
gzip
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
15981
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=17035
x-amz-cf-id
SoBPXpngjdhETIVgR46dA167UxkOCRo9RkWWMPP7Zab-5E_F-4P8Og==
token
cdn.linkedin.oribi.io/partner/2811684/domain/weecare.co/ Frame
0
0
Preflight
General
Full URL
https://cdn.linkedin.oribi.io/partner/2811684/domain/weecare.co/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://weecare.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
56027
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 17 Nov 2022 02:17:46 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-id
jVSIfjqNRhfh5DuUe6pczQD5id1hbUpkP8cUPmhmSriqHvlI05Pctw==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2811684&time=1668707493125&url=https%3A%2F%2Fweecare.co%2Fblog%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F%3Futm_source%3Dgmai...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2811684%26time%3D1668707493125%26url%3Dhttps%253A%252F%252Fweecare.co%252Fblog%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2811684&time=1668707493125&url=https%3A%2F%2Fweecare.co%2Fblog%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F%3Futm_source%3Dgmai...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2811684&time=1668707493125&url=https%3A%2F%2Fweecare.co%2Fblog%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F%3Futm_source%3Dgma...
0
481 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2811684&time=1668707493125&url=https%3A%2F%2Fweecare.co%2Fblog%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F%3Futm_source%3Dgmail%26utm_medium%3Demail%26utm_campaign%3Doutreach%26vero_id%3Dprod-1379424%26vero_conv%3DVSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_&liSync=true&e_ipv6=AQIpgUdJoDxX6wAAAYSGt6ajZqHNUdOI1faQyBhrc_CVtnu8-WB-PX38SXr6X3rgw3Xcl0rpe6gtCw
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:33 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: AE166DFD899C480DAA453FDBCB1D9094 Ref B: VIEEDGE2612 Ref C: 2022-11-17T17:51:33Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-lva1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtrj1p8yqkm87ZUoxDeg==

Redirect headers

date
Thu, 17 Nov 2022 17:51:32 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 567F1D5CE4DF4235ACCDE3DCD7C1FAE2 Ref B: FRAEDGE1814 Ref C: 2022-11-17T17:51:33Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2811684&time=1668707493125&url=https%3A%2F%2Fweecare.co%2Fblog%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F%3Futm_source%3Dgmail%26utm_medium%3Demail%26utm_campaign%3Doutreach%26vero_id%3Dprod-1379424%26vero_conv%3DVSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_&liSync=true&e_ipv6=AQIpgUdJoDxX6wAAAYSGt6ajZqHNUdOI1faQyBhrc_CVtnu8-WB-PX38SXr6X3rgw3Xcl0rpe6gtCw
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtrj1itybUHmvd0r88cg==
collect
stats.g.doubleclick.net/j/
4 B
438 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-101398532-1&cid=1218616642.1668707493&jid=259754194&gjid=1673918072&_gid=1055984207.1668707493&_u=aEBAAEAAAAAAACgCIAB~&z=2132744230
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://weecare.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 17 Nov 2022 17:51:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://weecare.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-101398532-1&cid=1218616642.1668707493&jid=259754194&_u=aEBAAEAAAAAAACgCIAB~&z=1355715736
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 17:51:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-101398532-1&cid=1218616642.1668707493&jid=259754194&_u=aEBAAEAAAAAAACgCIAB~&z=1355715736
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 17:51:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1201045656707111&ev=PageView&dl=https%3A%2F%2Fweecare.co%2Fblog%2Fposts%2Femployee-childcare-benefits-101-how-to-get-started%2F%3Futm_source%3Dgmail%26utm_medium%3Demail%26utm_campaign%3Doutreach%26vero_id%3Dprod-1379424%26vero_conv%3DVSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_&rl=&if=false&ts=1668707493346&sw=1600&sh=1200&v=2.9.89&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1668707493344.1272399495&it=1668707493120&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 17 Nov 2022 17:51:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
css2
fonts.googleapis.com/
3 KB
1011 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weecare.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Nov 2022 17:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 17:41:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Nov 2022 17:51:33 GMT
la-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/line-awesome/1.3.0/line-awesome/fonts/
83 KB
84 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/line-awesome/1.3.0/line-awesome/fonts/la-brands-400.woff2
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240a7c10cf6f7555726e517bd6e61afe7d6655757934e16f1b4ea1f308907247
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://weecare.co/
Origin
https://weecare.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:51:33 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2512212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
84772
last-modified
Mon, 25 May 2020 23:14:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ecc5138-14b24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGfgMqonGrOStxFBmlTvQ8QcV5hPR%2B%2BQpz8PJnp0U4pxI%2Bav8D9R91Lkp7WA4eTEnnCCmIwU%2B%2FZJaYYBuAKCZE9nwot0qh%2Fw0FWv75r8IBNf2UJ%2FnPg6cyeI18pOOKc%2Fs9OCwBUD2A73cDrXjbEHEJT5"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76ba50ac19c95be1-FRA
expires
Tue, 07 Nov 2023 17:51:33 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://weecare.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 19:25:00 GMT
x-content-type-options
nosniff
age
80793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:25:00 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://weecare.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 16:04:49 GMT
x-content-type-options
nosniff
age
438404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 16:04:49 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://weecare.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 19:25:01 GMT
x-content-type-options
nosniff
age
80792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:25:01 GMT
/
www.facebook.com/tr/ Frame E75A
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: weecare.co
URL: https://weecare.co/blog/posts/employee-childcare-benefits-101-how-to-get-started/?utm_source=gmail&utm_medium=email&utm_campaign=outreach&vero_id=prod-1379424&vero_conv=VSQS7Gu3-ThEk0gUlBKUylsUoAZ-6GlSmhVHfsvKX4nSmg8L2r7iToxP9ZzcLlIN6BITrldrc0xFODq2gGU9ZgNc_VVXIWDcvYD1bhVlj5k_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://weecare.co
Referer
https://weecare.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://weecare.co
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 17:51:33 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
log_event
www.youtube.com/youtubei/v1/ Frame 9D3D
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time
1668707495175
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/RJqKvNI2mwM
X-YouTube-Client-Version
1.20221115.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgstbXhMQVRZTlZ6dyik6dmbBg%3D%3D
X-YouTube-Ad-Signals
dt=1668707492562&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 17 Nov 2022 17:51:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 17 Nov 2022 17:51:35 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| analytics object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| facebook-pixelDeps function| facebook-pixelLoader object| sentryDeps function| sentryLoader object| linkedin-insight-tagDeps function| linkedin-insight-tagLoader object| google-analyticsDeps function| google-analyticsLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| facebook-pixelIntegration function| _fbq function| fbq function| sentryIntegration function| linkedin-insight-tagIntegration string| _linkedin_data_partner_id function| google-analyticsIntegration string| GoogleAnalyticsObject function| ga function| normalize object| Sentry object| __SENTRY__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| $ function| jQuery function| Swiper object| bootstrap object| jQuery1124002693701539734028 object| AOS function| Rellax object| WebFont boolean| isIe

16 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: _ry_DnCPKRQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: -mxLATYNVzw
.weecare.co/ Name: ajs_anonymous_id
Value: 0256f5ad-98e0-4472-9ac4-45f8887b452e
.weecare.co/ Name: _ga
Value: GA1.2.1218616642.1668707493
.weecare.co/ Name: _gid
Value: GA1.2.1055984207.1668707493
.weecare.co/ Name: _gat
Value: 1
.weecare.co/ Name: ln_or
Value: %7B%222811684%22%3A%22d%22%7D
.linkedin.com/ Name: UserMatchHistory
Value: AQJbxDDNOgNNVAAAAYSGt6V5RlfzD3G_b6TtBi7WiUJyqiPE-1YIYjx03mHGLI75WQ0rSzGYWUfZ-g
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQI3GzoavG8BrAAAAYSGt6V5HKvJdk-m1IcX-_OXiEG4uiddCC-r-xs9XlGLbQmMloLtVytSx2nIosLJmvo0aQ
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&24f6bd65-5820-4256-8109-e80e61e9ce18"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2777:u=1:x=1:i=1668707493:t=1668793893:v=2:sig=AQH2izuveor9v8HeZLslRQ2KN1EsxV7H"
.weecare.co/ Name: _fbp
Value: fb.1.1668707493344.1272399495
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202211171751332f6caa81-cb5f-44dd-8043-a2c0bed92ea8AQHlrB522CW-y58XgYP5WPTzoFsx2XKM"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Njg3MDc0OTM7MjswMjFxpnz173RxMoloxNJ3YFnYCiWnWQu9yR22s02vM1ykNA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.segment.io
browser.sentry-cdn.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.segment.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
email.weecare.co
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.doubleclick.net
stats.g.doubleclick.net
unpkg.com
weecare.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
13.107.43.14
13.32.99.76
18.66.115.169
184.169.220.6
2001:4de0:ac18::1:a:2b
2606:4700::6810:5714
2606:4700::6810:7baf
2606:4700::6811:190e
2620:1ec:21::14
2a00:1450:4001:808::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2016
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9b
2a02:26f0:480:f::213:7ec6
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::729
34.86.85.56
35.163.112.23
025da3189553cc8c7431fee69149291ee5154cdbc0b260192a405f9a761eaf04
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
143044b70e8dea408c020786c55869f28b9f0bc89df6a935518d5003769197fd
240a7c10cf6f7555726e517bd6e61afe7d6655757934e16f1b4ea1f308907247
24191d39422869585aa969dd369a12a9340eaa7ec3b86006aee19cca4968bf27
24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49
349a560ab662b93dd7df34f8631e501c0c184678f8fdf4f967609ba8cddf51a8
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
3d0acd142d7f8a9286932780a000e029d8d15ee80a0edd55d9d30149580576e2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4bb60d8e7cdf8c94351ba4c094487ff9f9db4c5b11fd27a01bf8991122a491c6
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
70a07dddd40bfb45830ac7af44a2829b2d8175ef6e1f84fd9b32d29fcf8fcb14
75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05
782a8288e0ccc0edfc1a2d83961a8d6ee5a908246c25aa01c5eae7a681584495
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83c8b109fde651f82e3589f2c265de4ee9a332d6d844d2d4be95a8a36f48620e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
897f979133e001c87fcaca3ae00aa8410a991c85df6cc489b51d032fbbb36ed5
8d459896507d9f2ca4b4896c225c4c1e29079167a62a6bfae2c08ee980deac43
8d81cb8f9c29d3a31c61cb7ad4e180929bf60fd9234525ae9a02da7b45719697
929365eef6f35cc4d88a59fa0432d708f1200b4396ed8294480ac181bbae178b
93a1f3263e3c883f998ff8f4a3fd8afc3066f33daf90248b89e2bb01cd2003f7
a3249621bee752f310f45d1914d013d3bf7305b4ff908ed4aae691c6d692041a
a81c441e488822e3b9386082cb57e92ac5b857757b485b9afbc87e0aad2d9415
a856c49200096e83ed1a3612d4b4fcb1961a1f66f1a5f78c19bb71e31b98d221
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b397c82f7f6f0f1214c4ed7461867cfdc181a0f79142cad557f416d019d89534
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb918e4772434c8678a69a4d9c1683e0ccf4bc2498f5240d1465b8287d2387cb
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c466c62a5c8e71d6de4a33e2d72b1554f94df7861842d8463d9f45a2a13a9562
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce1d7d335d4181a57608a71b46435d7c78fbcdf3d7ced961bbe2739b2ea692cd
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d6fab707875797392799a347bd4b3aeb609f3044ad8bbb0caba0a593cb74a657
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd1f9acf13b12f189da475e0f23c7c505767859ab620aac636964974093c281d
df7aa22d23c6b9ca1143abd9b265a438fcd9b4d12d51dec93d569cad43e00290
e03c212b80d927c7967abd13c2e5e9ac0dcbc656c91fb72cfc7dc80a1245188d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7c799d52bd02a772b232feec51bf5a52bdb992199e74115db81377aeb7fb36a
fb17fd6899c7a1c9e6ae282ada120324605202725d179347f8ea1ee49d8f1e22
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb