Submitted URL: http://directrelief.xyz/
Effective URL: https://www.directrelief.xyz/
Submission: On June 10 via manual from US — Scanned from US

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 93 HTTP transactions. The main IP is 162.55.89.59, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.directrelief.xyz.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 26th 2022. Valid for: 3 months.
This is the only time www.directrelief.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 39 162.55.89.59 24940 (HETZNER-AS)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 192.243.59.20 39572 (ADVANCEDH...)
6 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 139.45.197.236 9002 (RETN-AS)
27 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
1 139.45.195.254 9002 (RETN-AS)
2 139.45.197.151 9002 (RETN-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
93 14
Apex Domain | Subdomains | Transfer
39 directrelief.xyz | directrelief.xyz, www.directrelief.xyz | 604 KB
27 tawk.to | embed.tawk.to — Cisco Umbrella Rank: 8331; va.tawk.to — Cisco Umbrella Rank: 7964 | 220 KB
6 gstatic.com | fonts.gstatic.com | 129 KB
5 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 52 | 4 KB
4 glizauvo.net | glizauvo.net — Cisco Umbrella Rank: 130295 | 33 KB
3 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 43 | 20 KB
2 cdnativepush.com | static.cdnativepush.com — Cisco Umbrella Rank: 22305 | 5 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 75 | 100 KB
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 427 | 39 KB
1 fleraprt.com | fleraprt.com — Cisco Umbrella Rank: 56684 | 490 B
1 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 11551 | 548 B
1 tzegilo.com | tzegilo.com — Cisco Umbrella Rank: 61227 | 18 KB
1 dogcollarfavourbluff.com | dogcollarfavourbluff.com |
93 13
Domain | Requested by
38 www.directrelief.xyz | www.directrelief.xyz
22 embed.tawk.to | www.directrelief.xyz, embed.tawk.to
6 fonts.gstatic.com | fonts.googleapis.com
5 va.tawk.to | embed.tawk.to
5 fonts.googleapis.com | www.directrelief.xyz, embed.tawk.to, glizauvo.net
4 glizauvo.net | www.directrelief.xyz, glizauvo.net
3 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 static.cdnativepush.com | glizauvo.net
2 www.googletagmanager.com | www.directrelief.xyz, www.googletagmanager.com
1 cdn.jsdelivr.net | embed.tawk.to
1 fleraprt.com | tzegilo.com
1 my.rtmark.net | glizauvo.net
1 tzegilo.com | glizauvo.net
1 dogcollarfavourbluff.com | www.directrelief.xyz
1 directrelief.xyz | 1 redirects
93 15

This site contains links to these domains.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
Subject | Issuer | Validity | Valid
directrelief.xyz | cPanel, Inc. Certification Authority | 2022-03-26 - 2022-06-24 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
dogcollarfavourbluff.com | R3 | 2022-04-16 - 2022-07-15 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
glizauvo.net | R3 | 2022-05-04 - 2022-08-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-28 - 2023-05-28 | a year
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-20 - 2022-11-26 | a year
fleraprt.com | Sectigo RSA Domain Validation Secure Server CA | 2022-01-14 - 2023-01-14 | a year
cdnativepush.com | R3 | 2022-05-30 - 2022-08-28 | 3 months

This page contains 6 frames:

Primary Page: https://www.directrelief.xyz/
Frame ID: 31EEE76C98CD83B5D274775B9C159C47
Requests: 76 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/bubble-widget.css
Frame ID: 3B497630D1ECFB3504576629ADF94E1F
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css
Frame ID: 2558125D357195337C109F48B6B9E8D8
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css
Frame ID: 8F1D2E1C0DC4D6F38CDF57732F644C13
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css
Frame ID: E97F2F7EE97073E8119490DE68FBAA2C
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: 795097574F9E7DAF746CCF865FB0132D
Requests: 4 HTTP requests in this frame

Page Title

Home - Direct Relief

Page URL History

  1. http://directrelief.xyz/ HTTP 301
    https://www.directrelief.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

93 Requests
99 % HTTPS
54 % IPv6
13 Domains
15 Subdomains
14 IPs
3 Countries
1172 kB Transfer
3554 kB Size
9 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

93 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.directrelief.xyz/
Redirect Chain
  • http://directrelief.xyz/
  • https://www.directrelief.xyz/
223 KB
45 KB
Document
General
Full URL
https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
f9605499a668819b95567d4146319dd3ae93072104a624a5aed6157c8f8b3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 10 Jun 2022 00:51:29 GMT
link
<https://www.directrelief.xyz/wp-json/>; rel="https://api.w.org/" <https://www.directrelief.xyz/wp-json/wp/v2/pages/611>; rel="alternate"; type="application/json" <https://www.directrelief.xyz/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
date
Fri, 10 Jun 2022 00:51:28 GMT
location
https://www.directrelief.xyz/
server
LiteSpeed
vary
Accept-Encoding
x-redirect-by
WordPress
style.min.css
www.directrelief.xyz/wp-includes/css/dist/block-library/
87 KB
11 KB
Stylesheet
General
Full URL
https://www.directrelief.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:29 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 22:02:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10929
expires
Fri, 17 Jun 2022 00:51:29 GMT
styles.css
www.directrelief.xyz/wp-content/plugins/contact-form-7/includes/css/
3 KB
904 B
Stylesheet
General
Full URL
https://www.directrelief.xyz/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:29 GMT
content-encoding
br
last-modified
Sun, 22 May 2022 10:58:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
848
expires
Fri, 17 Jun 2022 00:51:29 GMT
style.css
www.directrelief.xyz/wp-content/plugins/td-newsletter/
6 KB
1 KB
Stylesheet
General
Full URL
https://www.directrelief.xyz/wp-content/plugins/td-newsletter/style.css?ver=5.2
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
4f9568d3aef0133feef6736a0be7a2bad332429d685a584e1c5b85e5a7fd60c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:29 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 21:31:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1325
expires
Fri, 17 Jun 2022 00:51:29 GMT
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700&display=swap&ver=5.2
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e60dd4d4d2a9877511e9eea6cd40c4cb5199f4a7537d362edbe08599ba2ff2d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 00:51:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Jun 2022 00:51:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Jun 2022 00:51:29 GMT
tds-front.css
www.directrelief.xyz/wp-content/plugins/td-subscription/assets/css/
36 KB
6 KB
Stylesheet
General
Full URL
https://www.directrelief.xyz/wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=1.2.1
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
498f6cca2268ef161d6a0dc97bd182cbc1ccd935c626a7a228e02d2b9e1f46c0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:29 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 21:31:57 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5878
expires
Fri, 17 Jun 2022 00:51:29 GMT
style.css
www.directrelief.xyz/wp-content/themes/Newsmag/
149 KB
23 KB
Stylesheet
General
Full URL
https://www.directrelief.xyz/wp-content/themes/Newsmag/style.css?ver=5.2
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
40549b96adbba57b88fda17c0267bb8337b1ffbd36f95a3d937b0f61678631d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:29 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 20:52:39 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23471
expires
Fri, 17 Jun 2022 00:51:29 GMT
td_legacy_main.css
www.directrelief.xyz/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/
583 KB
62 KB
Stylesheet
General
Full URL
https://www.directrelief.xyz/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=1ee82b9ee0390690360640cdcc2d6c15
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
2771528336a619f5f133e080696188edcb2850e528b402d91bfb0e1800ba70f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:29 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 20:54:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
62978
expires
Fri, 17 Jun 2022 00:51:29 GMT
td_legacy_subscription.css
www.directrelief.xyz/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/
2 KB
490 B
Stylesheet
General
Full URL
https://www.directrelief.xyz/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_subscription.css?ver=6.0
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
0c8b3b9eb6e9e59b88c80358a99c98980da2e354fe49e9d2d5d6579fc6baa6b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:29 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 20:54:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
457
expires
Fri, 17 Jun 2022 00:51:29 GMT
demo_style.css
www.directrelief.xyz/wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/travel/
7 KB
1 KB
Stylesheet
General
Full URL
https://www.directrelief.xyz/wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/travel/demo_style.css?ver=5.2
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
080af8d4c40fa3ed49dc244cf6d94a8a060efabd09f42915c8a1c00d43e0d6fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:29 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 20:54:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1462
expires
Fri, 17 Jun 2022 00:51:29 GMT
jquery.min.js
www.directrelief.xyz/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://www.directrelief.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:29 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 18:37:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30273
expires
Fri, 17 Jun 2022 00:51:29 GMT
jquery-migrate.min.js
www.directrelief.xyz/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://www.directrelief.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:29 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 12:36:06 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3995
expires
Fri, 17 Jun 2022 00:51:29 GMT
js
www.googletagmanager.com/gtag/
101 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-226184205-1
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b87cd3d2a84776a5110cc05bb75d62f663a30b8f3bcfe294c349eecb7899a78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39768
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Jun 2022 00:51:30 GMT
cropped-GbOt7xg52Wj4cuk-300x99.png
www.directrelief.xyz/wp-content/uploads/2022/03/
10 KB
10 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/03/cropped-GbOt7xg52Wj4cuk-300x99.png
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
ef717813ba01ff494ecf32699c291fd019472a854b95f076382b329b2d3f0c84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
last-modified
Sun, 27 Mar 2022 05:24:19 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10061
expires
Fri, 17 Jun 2022 00:51:30 GMT
wp-emoji-release.min.js
www.directrelief.xyz/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.directrelief.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 22:02:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4619
expires
Fri, 17 Jun 2022 00:51:30 GMT
invoke.js
dogcollarfavourbluff.com/d43d90ca9a0ee3bba77e526f1fdd4a2c/
0
0
Script
General
Full URL
https://dogcollarfavourbluff.com/d43d90ca9a0ee3bba77e526f1fdd4a2c/invoke.js
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 10 Jun 2022 00:51:30 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
regenerator-runtime.min.js
www.directrelief.xyz/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://www.directrelief.xyz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 22:02:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2354
expires
Fri, 17 Jun 2022 00:51:30 GMT
wp-polyfill.min.js
www.directrelief.xyz/wp-includes/js/dist/vendor/
19 KB
7 KB
Script
General
Full URL
https://www.directrelief.xyz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 22:02:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6872
expires
Fri, 17 Jun 2022 00:51:30 GMT
index.js
www.directrelief.xyz/wp-content/plugins/contact-form-7/includes/js/
9 KB
3 KB
Script
General
Full URL
https://www.directrelief.xyz/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
last-modified
Sun, 22 May 2022 10:58:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3050
expires
Fri, 17 Jun 2022 00:51:30 GMT
tagdiv_theme.min.js
www.directrelief.xyz/wp-content/plugins/td-composer/legacy/Newsmag/js/
247 KB
54 KB
Script
General
Full URL
https://www.directrelief.xyz/wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5.2
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
ff4e438c14f46983e27d98c1ffd4f2ffc4fa87af0b8a5fc0aa0d7970e28005cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 20:54:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
55036
expires
Fri, 17 Jun 2022 00:51:30 GMT
comment-reply.min.js
www.directrelief.xyz/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://www.directrelief.xyz/wp-includes/js/comment-reply.min.js?ver=6.0
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 22:02:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1228
expires
Fri, 17 Jun 2022 00:51:30 GMT
underscore.min.js
www.directrelief.xyz/wp-includes/js/
18 KB
7 KB
Script
General
Full URL
https://www.directrelief.xyz/wp-includes/js/underscore.min.js?ver=1.13.3
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 22:02:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7176
expires
Fri, 17 Jun 2022 00:51:30 GMT
js_files_for_front.min.js
www.directrelief.xyz/wp-content/plugins/td-subscription/assets/js/
11 KB
3 KB
Script
General
Full URL
https://www.directrelief.xyz/wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=1.2.1
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
546ca755ca11fea3608c347c14c94fa81b2cd3b9ef0c82cb2422232ba6bcf71b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 21:31:57 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3233
expires
Fri, 17 Jun 2022 00:51:30 GMT
image.js
www.directrelief.xyz/wp-content/plugins/featured-image-from-url/includes/html/js/
4 KB
963 B
Script
General
Full URL
https://www.directrelief.xyz/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.9.7
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
0891804a56327bacae315d5e5281bee36c729cabfe22697a28083eeb39eb8608

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
last-modified
Sat, 04 Jun 2022 12:18:03 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
918
expires
Fri, 17 Jun 2022 00:51:30 GMT
bg.jpg
www.directrelief.xyz/wp-content/uploads/2022/05/
98 KB
98 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/05/bg.jpg
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
dbf12bf1f5d4b89bf65b271a2e45731c8dcb2b2c040eb2147ba21a0ac098494d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
last-modified
Mon, 16 May 2022 14:29:06 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
99967
expires
Fri, 17 Jun 2022 00:51:30 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700&display=swap&ver=5.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 22:12:12 GMT
x-content-type-options
nosniff
age
182358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 22:12:12 GMT
newsmag.woff
www.directrelief.xyz/wp-content/themes/Newsmag/images/icons/
23 KB
23 KB
Font
General
Full URL
https://www.directrelief.xyz/wp-content/themes/Newsmag/images/icons/newsmag.woff?16
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/wp-content/themes/Newsmag/style.css?ver=5.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
e3619033670d012da540e2154524e4d1a05420a5064767239f5cd8911f75c9aa

Request headers

Referer
https://www.directrelief.xyz/wp-content/themes/Newsmag/style.css?ver=5.2
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
last-modified
Tue, 29 Mar 2022 20:52:39 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23816
expires
Fri, 17 Jun 2022 00:51:30 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700&display=swap&ver=5.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:31:56 GMT
x-content-type-options
nosniff
age
105574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 19:31:56 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700&display=swap&ver=5.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 22:16:21 GMT
x-content-type-options
nosniff
age
182109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 22:16:21 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-226184205-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
110
date
Fri, 10 Jun 2022 00:49:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 10 Jun 2022 02:49:40 GMT
js
www.googletagmanager.com/gtag/
164 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LFD5HTMKXD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-226184205-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab51f183667f8293f33e8e875301d194cb740b283295a4674b98e66d0e90e135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61877
x-xss-protection
0
expires
Fri, 10 Jun 2022 00:51:30 GMT
/
www.directrelief.xyz/
0
197 B
XHR
General
Full URL
https://www.directrelief.xyz/
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
server
LiteSpeed
link
<https://www.directrelief.xyz/wp-json/>; rel="https://api.w.org/", <https://www.directrelief.xyz/wp-json/wp/v2/pages/611>; rel="alternate"; type="application/json", <https://www.directrelief.xyz/>; rel=shortlink
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
5114068
glizauvo.net/400/
78 KB
31 KB
Script
General
Full URL
https://glizauvo.net/400/5114068
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
495b30bf7a638a08f0f55e2c666804c1e224667ace158f771c09f544da1be2aa
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-trace-id
45a5640b646be951fb4af7af15991d66
pragma
no-cache
date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
default
embed.tawk.to/6243a1ce2abe5b455fc24c2c/
2 KB
1010 B
Script
General
Full URL
https://embed.tawk.to/6243a1ce2abe5b455fc24c2c/default
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
784871a151c62d9b2e7a87aa46be8640cd698b18be5fd284524db56ee27373c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
etag
W/"stable-v4-62835fee0eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
718e1e73acfde6f0-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bg-300x200.jpg
www.directrelief.xyz/wp-content/uploads/2022/05/
7 KB
7 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/05/bg-300x200.jpg
Requested by
Host: www.directrelief.xyz
URL: https://www.directrelief.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
7e6263a44d35ac4ecc88bc51a6c27a74593fd225bf60f0c421cea34b93dcd549

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
last-modified
Mon, 16 May 2022 14:29:06 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7565
expires
Fri, 17 Jun 2022 00:51:30 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1639452329&t=pageview&_s=1&dl=https%3A%2F%2Fwww.directrelief.xyz%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Direct%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1198430315&gjid=487023223&cid=779966561.1654822291&tid=UA-226184205-1&_gid=450414459.1654822291&_r=1&gtm=2ou680&did=dZTNiMT&gdid=dZTNiMT&z=1979249846
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 00:51:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.directrelief.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LFD5HTMKXD&gtm=2oe680&_p=1639452329&_z=ccd.tdB&cid=779966561.1654822291&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=1&sid=1654822290&sct=1&seg=0&dl=https%3A%2F%2Fwww.directrelief.xyz%2F&dt=Home%20-%20Direct%20Relief&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LFD5HTMKXD&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 00:51:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.directrelief.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stattag.js
tzegilo.com/
49 KB
18 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: glizauvo.net
URL: https://glizauvo.net/400/5114068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3676e16a1358628756bda4274db53b7a9f299e3dfa82ec22301c83ba142ad774

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5158
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Jun 2022 09:20:35 GMT
server
cloudflare
etag
W/"62a1bb63-c24f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtE6UWrLvhDJWT65FSX9h5Iu10IhlUwToIQ34b%2BkWMmHYmU2R300fGg5RYpXjBPHTHVbhy%2BVCUG8ZZCfOJ28ZVMG1Ny1%2BxkdaNKIRUuUXJ7whhHcrBhvdjeG00lRFx4xxY4wJ2izyMkXLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
718e1e75be060c95-EWR
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
A-Birth-Clinic-Opens-Its-Doors-in-the-Philippines-681x400.jpg
www.directrelief.xyz/wp-content/uploads/2022/06/
48 KB
48 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/06/A-Birth-Clinic-Opens-Its-Doors-in-the-Philippines-681x400.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
fd8561ef2fc57188f158689b76cf1056a01433511c5e350306ea4b41009a50d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Thu, 09 Jun 2022 18:48:14 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
48999
expires
Fri, 17 Jun 2022 00:51:31 GMT
twk-main.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
121 B
427 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6243a1ce2abe5b455fc24c2c/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e76ef278c83-EWR
twk-vendor.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
76 KB
27 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6243a1ce2abe5b455fc24c2c/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e76ef2e8c83-EWR
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
206 KB
61 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6243a1ce2abe5b455fc24c2c/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b1592fa8ab8256ceae1cf00cbe53ad23b82f85964514f421492df2a8735d2f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"0022ca6ee8862a21867d497826b1d4ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e76ef318c83-EWR
twk-chunk-common.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
157 KB
37 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6243a1ce2abe5b455fc24c2c/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f0aef9670e1b3f32b79f61f847d0f470c062a9d17ff4c0a8ce2517710ff3411
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"a971da9828a19bc856261914c19bc242"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e76ef348c83-EWR
twk-runtime.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6243a1ce2abe5b455fc24c2c/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
161f78f0d9ea5a5025a082c14b694df6ca43e2d48db62ee35f3368ff3da02cc1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"a15483b174cf94cb489a53ce9789161d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e76ef388c83-EWR
twk-app.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
151 B
451 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6243a1ce2abe5b455fc24c2c/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e76ef3c8c83-EWR
gid.js
my.rtmark.net/
65 B
548 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: glizauvo.net
URL: https://glizauvo.net/400/5114068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
47da4d7df7df86763ada12f8924cb76a23ee609899e8f1fb30b91df3cd854c22
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.directrelief.xyz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
Direct-Relief-the-National-Association-of-Free-and-Charitable-Clinics-341x220.jpg
www.directrelief.xyz/wp-content/uploads/2022/06/
13 KB
13 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/06/Direct-Relief-the-National-Association-of-Free-and-Charitable-Clinics-341x220.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
dcc13d0c812b3a6afb9a4d79c9883f6cb484a0a42bc998704ebc110a5e2ed714

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Wed, 08 Jun 2022 13:05:03 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13083
expires
Fri, 17 Jun 2022 00:51:31 GMT
Direct-Relief-Announces-650000-Grant-to-Build-One-of-Nations-341x220.jpg
www.directrelief.xyz/wp-content/uploads/2022/06/
17 KB
17 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/06/Direct-Relief-Announces-650000-Grant-to-Build-One-of-Nations-341x220.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
611f4010a7524ad9170ed555cbaa8a3d257d5a37680455824c1b7e62d5ac5b7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Tue, 07 Jun 2022 17:10:04 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17315
expires
Fri, 17 Jun 2022 00:51:31 GMT
Donated-Cancer-Medicines-Help-Save-Lives-in-Lebanon-341x220.jpg
www.directrelief.xyz/wp-content/uploads/2022/06/
19 KB
19 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/06/Donated-Cancer-Medicines-Help-Save-Lives-in-Lebanon-341x220.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
9668216cc51658d82c9b8bd5cdf9218824809ea33089877d20086151e21a930c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Sun, 05 Jun 2022 14:02:34 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
19325
expires
Fri, 17 Jun 2022 00:51:31 GMT
Hurricane-Season-Preparation-Support-to-Ukraine-and-Surrounding-Regions-Continues-341x220.jpeg
www.directrelief.xyz/wp-content/uploads/2022/06/
20 KB
20 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/06/Hurricane-Season-Preparation-Support-to-Ukraine-and-Surrounding-Regions-Continues-341x220.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
0b143549d12f665030d645190135579f7bd5fe0e4cb3490b4a08a86074fb6762

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Fri, 03 Jun 2022 16:10:37 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20646
expires
Fri, 17 Jun 2022 00:51:31 GMT
Direct-Relief-Pre-Positions-Medical-Supplies-for-Hurricane-Season-2022-341x220.jpg
www.directrelief.xyz/wp-content/uploads/2022/06/
13 KB
13 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/06/Direct-Relief-Pre-Positions-Medical-Supplies-for-Hurricane-Season-2022-341x220.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
b93c4cb99785e219fd735b865a07e99c346d7f3bf43ca0bddb79d1a857b6ac1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Wed, 01 Jun 2022 17:02:36 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13432
expires
Fri, 17 Jun 2022 00:51:31 GMT
Chronic-Disease-and-Mental-Health-are-Linked-But-How-300x160.jpg
www.directrelief.xyz/wp-content/uploads/2022/05/
9 KB
9 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/05/Chronic-Disease-and-Mental-Health-are-Linked-But-How-300x160.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
1fe2f5a72769c274cac0d7256a6d87082d3fcd28e3c21ec7645ff5afad2c6301

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Sun, 22 May 2022 11:16:43 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9664
expires
Fri, 17 Jun 2022 00:51:31 GMT
Ukraine-Diabetes-1-2-300x160.webp
www.directrelief.xyz/wp-content/uploads/2022/03/
13 KB
14 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/03/Ukraine-Diabetes-1-2-300x160.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
06c0df756961a7064aa2bb42a422e412ec8bc37d99d8904f459ac8cdf28cf391

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Wed, 30 Mar 2022 20:21:47 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13818
expires
Fri, 17 Jun 2022 00:51:31 GMT
Direct-Relief-Awards-More-than-12-Million-in-Grants-for-100x75.jpg
www.directrelief.xyz/wp-content/uploads/2022/05/
4 KB
4 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/05/Direct-Relief-Awards-More-than-12-Million-in-Grants-for-100x75.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
512214fd22a443096bb194d323d888ee4fbc551942836ef5603d0561c56aca20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Sun, 22 May 2022 12:52:44 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4237
expires
Fri, 17 Jun 2022 00:51:31 GMT
Turning-Traditional-Music-into-Non-Traditional-Fundraising-100x75.png
www.directrelief.xyz/wp-content/uploads/2022/05/
18 KB
18 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/05/Turning-Traditional-Music-into-Non-Traditional-Fundraising-100x75.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
111de3b43f8c4f9beeadf0aed6432b14b80bf472d29a925895199d390e425b8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Sun, 22 May 2022 10:51:54 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18065
expires
Fri, 17 Jun 2022 00:51:31 GMT
Wildfire-Response-Shipments-to-Navajo-Nation-More-Support-for-Ukraine-100x75.jpg
www.directrelief.xyz/wp-content/uploads/2022/05/
3 KB
3 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/05/Wildfire-Response-Shipments-to-Navajo-Nation-More-Support-for-Ukraine-100x75.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
d963e66a3904a996ce3882a595380629b78a678a278e6f0c93aedb05e30ff4db

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Sun, 22 May 2022 12:46:10 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2614
expires
Fri, 17 Jun 2022 00:51:31 GMT
widget-settings
va.tawk.to/v1/
3 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=6243a1ce2abe5b455fc24c2c&widgetId=default&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf4485ed1712ba42045fb45c4f787304ad51da85b3c9e329833e1fd28a329981
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-2plc
server
cloudflare
etag
W/"2-2-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
718e1e787ac6e6f0-EWR
access-control-allow-headers
content-type,x-tawk-token
maxresdefault-19-300x160.jpg
www.directrelief.xyz/wp-content/uploads/2022/04/
12 KB
12 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/04/maxresdefault-19-300x160.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
0cd8afda4121f9309097587068d38797b3d95970abcfd06516fdb27c1c849cfc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Wed, 20 Apr 2022 08:00:52 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11961
expires
Fri, 17 Jun 2022 00:51:31 GMT
start
va.tawk.to/v1/session/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.directrelief.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.directrelief.xyz
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
718e1e788ad3e6f0-EWR
date
Fri, 10 Jun 2022 00:51:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-dqcz
start
va.tawk.to/v1/session/
1 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adb7619a9238af06d5df4d153c3edaa3979855b762f5a4e9fb0f891e25b414d6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-xh8r
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.directrelief.xyz
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
718e1e78dbba17d9-EWR
access-control-allow-headers
content-type,x-tawk-token
maxresdefault-300x160.webp
www.directrelief.xyz/wp-content/uploads/2022/03/
8 KB
8 KB
Image
General
Full URL
https://www.directrelief.xyz/wp-content/uploads/2022/03/maxresdefault-300x160.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.89.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
whm-1004.virtono.com
Software
LiteSpeed /
Resource Hash
04fc7400c43286f712f3658905951cb1e494ce5d1c317bf990646948c533404d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Wed, 30 Mar 2022 21:27:11 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8438
expires
Fri, 17 Jun 2022 00:51:31 GMT
5114068
glizauvo.net/500/
1 KB
2 KB
XHR
General
Full URL
https://glizauvo.net/500/5114068?excludes=&oaid=2ce2fab9dde543c9836bb57698a0bb57&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fwww.directrelief.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: glizauvo.net
URL: https://glizauvo.net/400/5114068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
85a59f1c4a25c8547081ac2159f1406314de301d4220541db089efe41c07ef36
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
599197e7a9c9d0c9f44af352ba2e3345
pragma
no-cache
date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.directrelief.xyz
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
5114068
glizauvo.net/500/ Frame
0
0
Preflight
General
Full URL
https://glizauvo.net/500/5114068?excludes=&oaid=2ce2fab9dde543c9836bb57698a0bb57&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fwww.directrelief.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.directrelief.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.directrelief.xyz
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Fri, 10 Jun 2022 00:51:31 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
add
fleraprt.com/log/
12 B
490 B
Fetch
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Referer
https://www.directrelief.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 10 Jun 2022 00:51:48 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.directrelief.xyz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
en.js
embed.tawk.to/_s/v4/app/62835fee0eb/languages/
16 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1894533
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:37 GMT
server
cloudflare
etag
W/"5a13c5b16c3caf8b986d6b915fd4b13e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e79acea17d9-EWR
0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/
2 KB
3 KB
Image
General
Full URL
https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
last-modified
Thu, 08 Apr 2021 14:22:06 GMT
server
nginx
etag
"606f118e-932"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
2354
twk-chunk-2d0d2b7c.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
7 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fee6dec9e7d648ac6be3c030ffc99fd2ac5f73398212f4cb2e43d7cdc28282ed
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1893543
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"1180d712a02848854eab38e1736e2616"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b2fc617d9-EWR
twk-chunk-696bc286.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
16 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-696bc286.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9014e413a2ed0a5b777c417873a254729ce6bb5fdca039a4dd5abd04417db98d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1893543
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"6712af3933a068dc9ca1293e0c2c828f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b2fc817d9-EWR
twk-chunk-f1596d96.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
10 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-f1596d96.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a902d8d0bf4615e985f80c1e6fa38147d341124ae44a7927e15a632c0eb3d87
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1891599
x-cache-status
STALE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"325d67a45c137803b4f8bd4d47afffed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b2fcb17d9-EWR
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
16 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-48f46bef.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b53c5a235af3613d1964d3678ac26432071b1eae951590b84f14ea839a5678
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1893543
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"601eb77cd91dcb708add40ebe9d149e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b2fd117d9-EWR
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
942 B
781 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1893543
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b2fd317d9-EWR
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
546 B
670 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1893543
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"09c3819d373bd4178a620d721429fada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b2fd517d9-EWR
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
11 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-f163fcd0.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1893543
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"5d825157bfbb4872b9ce8ea19e5eb7e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b2fd717d9-EWR
twk-chunk-32507910.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/
70 KB
16 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-32507910.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b601109f6454a4cdb28a089947fbaefcce2e471efcfdc60cc6869c9c36417e14
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1893543
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"006d5eeef6485daa02180491bbfb5485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b2fdd17d9-EWR
bubble-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame 3B49
13 KB
3 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1891597
cf-polished
origSize=13594
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b583f17d9-EWR
cf-bgj
minify
min-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame 2558
24 KB
5 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1893543
cf-polished
origSize=25050
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b786717d9-EWR
cf-bgj
minify
message-preview.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame 8F1D
37 KB
8 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1893542
cf-polished
origSize=37650
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7b88a217d9-EWR
cf-bgj
minify
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 3B49
22 KB
6 KB
Image
General
Full URL
https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1181772
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 22 May 2021 07:25:19 GMT
server
cloudflare
etag
W/"f66e029841759471d2ec78b86760dca7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7ba8c817d9-EWR
max-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame E97F
73 KB
14 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef158b41b948a026674ff4d4780d40958e066c3c79b40748d091bb8123a9da6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1893542
cf-polished
origSize=74594
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"0d4a703e4e6f73ee4b1a0e152481a4c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
718e1e7bb90917d9-EWR
cf-bgj
minify
css
fonts.googleapis.com/ Frame 2558
7 KB
592 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 23:28:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Jun 2022 00:51:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Jun 2022 00:51:31 GMT
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 3B49
10 KB
11 KB
Font
General
Full URL
https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/bubble-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://embed.tawk.to/_s/v4/app/62835fee0eb/css/bubble-widget.css
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10520
last-modified
Sat, 22 May 2021 07:25:13 GMT
server
cloudflare
etag
"054b3b66812d0a4b87ffc6776f0a42f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
accept-ranges
bytes
cf-ray
718e1e7bbc2b8c83-EWR
css
fonts.googleapis.com/ Frame 8F1D
7 KB
592 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 22:59:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Jun 2022 00:51:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Jun 2022 00:51:31 GMT
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
39 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6967787
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19125-FRA, cache-ewr18166-EWR
timing-allow-origin
*
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcPX36Ubcimq4pS%2Fxz7RI23FnDpPPMIt%2FL%2Fl57G5Vqb6yEoqRPUd0TLmbaGnvYZUDeyjt6Djw8MsWlsJAMVjpXRYduGRhTco2c0zfzZAKvIFiDxoRLG3%2Fz8A9XHLUXlln3np9xIAunWBDeAEBdI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
718e1e7c1cc78c6b-EWR
css
fonts.googleapis.com/ Frame E97F
7 KB
592 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 23:06:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Jun 2022 00:51:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Jun 2022 00:51:31 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 2558
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 23:16:08 GMT
x-content-type-options
nosniff
age
264923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 23:16:08 GMT
v3
va.tawk.to/log-performance/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.directrelief.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.directrelief.xyz
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
718e1e7c3d9c8c83-EWR
date
Fri, 10 Jun 2022 00:51:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-lddc
v3
va.tawk.to/log-performance/
5 B
350 B
Fetch
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directrelief.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Fri, 10 Jun 2022 00:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-f292
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.directrelief.xyz
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
718e1e7caed78c83-EWR
access-control-allow-headers
content-type,x-tawk-token
uw7p_7PaZCQBMoM6Y_rjz3CbB9TGQxiRhfpNby3VTWeaWJpRcDuYlGy4jygGDY18vvzW8kDXoXJiod4mDJIyLxi5ItUCyGgprYdiNI2derpnukQCU-67jfxU1rpuv8CgvFazskDm2oUFFHHtC9oHgZMUrVkoSI8r9FBB9qHGJ4YXVB9DbAJqTycQoljXaaQsbpMz_...
glizauvo.net/impression/
43 B
421 B
Image
General
Full URL
https://glizauvo.net/impression/uw7p_7PaZCQBMoM6Y_rjz3CbB9TGQxiRhfpNby3VTWeaWJpRcDuYlGy4jygGDY18vvzW8kDXoXJiod4mDJIyLxi5ItUCyGgprYdiNI2derpnukQCU-67jfxU1rpuv8CgvFazskDm2oUFFHHtC9oHgZMUrVkoSI8r9FBB9qHGJ4YXVB9DbAJqTycQoljXaaQsbpMz_0Asj7FgsxPYkpfW_rXM-dO-OK_NNlQToZB7rOvR9HWuYjMarlmCqjGkYtcoJDths4LMEbg5TZ7lpF2OyCP90wCPb6_6sd8boyknplZsRQrXCL0U2Dp1oPNcqG_OXHGo2Vb3dFZpZw-MfGUuPDUWk2Gw6b91UUYt4UggDIAizlH3f7CNr4118BM_wwD70xHQPhuwitd_7I07uvuyCiFr6waTckkVQqp_y-adQRhW57DO1IE20bKMT1qhyz-byDgzjCd1a3fnnQMR845cZppXwe79HFosUYxUABk_8iCfvt1oz5P5q6TKgN_XiiZfFyFmPrpSxdNovzcUufE11rMMiUzP5zDqioMSeIohEFeUydWrJE09Ickv2KXaWruQsGj0QJE4K1RHANWFFT6EDEjP5mnUEErhouFz3JOF_QtJvsCfjTZtTmLQ9t0_QTaylwXTkOfNRAAsXqREuh9sclzNOAaQ8ohXb6GPKWgBXjpKUdbnqOwMG94Vtxjz-ChILwIM-SzF2nQ=?_z=5114068&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fwww.directrelief.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.directrelief.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-trace-id
76fd30febb271d181244f6ed15912ec0
pragma
no-cache
date
Fri, 10 Jun 2022 00:51:35 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
content-length
43
expires
Tue, 11 Jan 1994 10:00:00 GMT
css2
fonts.googleapis.com/ Frame 7950
10 KB
788 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Requested by
Host: glizauvo.net
URL: https://glizauvo.net/400/5114068
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5f9b06d09687c0f2c7c194d069d62aa90618c2d6fa4a1ce28b8f1ea2a1083625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 23:52:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Jun 2022 00:51:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Jun 2022 00:51:35 GMT
0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/
0
0

0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ Frame 7950
2 KB
3 KB
Image
General
Full URL
https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Requested by
Host: glizauvo.net
URL: https://glizauvo.net/400/5114068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 00:51:35 GMT
last-modified
Thu, 08 Apr 2021 14:22:06 GMT
server
nginx
etag
"606f118e-932"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
2354
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7950
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:32:04 GMT
x-content-type-options
nosniff
age
105571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 19:32:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7950
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.directrelief.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:31:57 GMT
x-content-type-options
nosniff
age
105578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 19:31:57 GMT

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
static.cdnativepush.com
URL
https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png


178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


9 Cookies

Domain/Path Name / Value
.directrelief.xyz/ Name: _gid
Value: GA1.2.450414459.1654822291
.directrelief.xyz/ Name: _gat_gtag_UA_226184205_1
Value: 1
.directrelief.xyz/ Name: _ga_LFD5HTMKXD
Value: GS1.1.1654822290.1.0.1654822290.0
.directrelief.xyz/ Name: _ga
Value: GA1.1.779966561.1654822291
www.directrelief.xyz/ Name: twk_idm_key
Value: JukBiXL7FDb2GtSg59BCk
my.rtmark.net/ Name: ID
Value: 2ce2fab9dde543c9836bb57698a0bb57
glizauvo.net/ Name: OAID
Value: 2ce2fab9dde543c9836bb57698a0bb57
www.directrelief.xyz/ Name: TawkConnectionTime
Value: 0
.directrelief.xyz/ Name: twk_uuid_6243a1ce2abe5b455fc24c2c
Value: %7B%22uuid%22%3A%221.1Hx7SutvvShjdKukBxttxGraZrEsvEGVFsLGvsispFOvhmTWMM0rNtvFoJLedUxMqFccHPujykzehIAYkmQeFdONSSzjf183mi6EQLcHOfp0HRQCWVYFL9KMCFCH0JQ3UfqZdbbqnVt2jin03BF3ea%22%2C%22version%22%3A3%2C%22domain%22%3A%22directrelief.xyz%22%2C%22ts%22%3A1654822291695%7D

1 Console Messages

Source: network
Level: error
URL: https://dogcollarfavourbluff.com/d43d90ca9a0ee3bba77e526f1fdd4a2c/invoke.js
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
