Submitted URL: https://trk.klclick.com/ls/click?upn=u001.LlhdDGxyX1sZtEGwkwqn-2BXBSKOlDlD-2FOjp-2FmsNHzsV67tBHjyqzY-2BEavjDAbEYLz9GmRRL...
Effective URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f...
Submission Tags: falconsandbox
Submission: On April 03 via api from US — Scanned from DE

Summary

This website contacted 33 IPs in 4 countries across 23 domains to perform 73 HTTP transactions. The main IP is 20.82.12.44, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is join.us.grouptogether.com. The Cisco Umbrella rank of the primary domain is 345277.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on February 13th 2024. Valid for: 6 months.
This is the only time join.us.grouptogether.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:220... 16509 (AMAZON-02)
10 20.82.12.44 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
7 20.118.40.9 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.222.139.116 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2.17.177.117 16625 (AKAMAI-AS)
3 151.101.130.133 54113 (FASTLY)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2600:9000:212... 16509 (AMAZON-02)
1 65.9.95.50 16509 (AMAZON-02)
1 2606:4700:310... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.194.133 54113 (FASTLY)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
1 65.9.95.80 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.92.231.230 14618 (AMAZON-AES)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.101.128.84 54113 (FASTLY)
1 65.9.95.114 16509 (AMAZON-02)
1 151.101.0.84 54113 (FASTLY)
2 65.9.95.36 16509 (AMAZON-02)
73 33
Apex Domain
Subdomains
Transfer
17 grouptogether.com
join.us.grouptogether.com — Cisco Umbrella Rank: 345277
join-us.grouptogether.com — Cisco Umbrella Rank: 498937
4 MB
11 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3106
static-tracking.klaviyo.com — Cisco Umbrella Rank: 3746
a.klaviyo.com — Cisco Umbrella Rank: 3794
43 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 902
5 KB
4 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 6049
api.omappapi.com — Cisco Umbrella Rank: 6168
28 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 320
px4.ads.linkedin.com — Cisco Umbrella Rank: 6476
2 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3274
www.google.com — Cisco Umbrella Rank: 2
378 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
473 B
3 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 955
heapanalytics.com — Cisco Umbrella Rank: 835
37 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 329
14 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
291 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2527
291 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 7528
126 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
375 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
70 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 903
21 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 780
script.hotjar.com — Cisco Umbrella Rank: 1035
59 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
21 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1743
api-iam.intercom.io Failed
3 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 129
18 KB
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 4602
12 KB
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 5660
1 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 811
17 KB
1 klclick.com
trk.klclick.com — Cisco Umbrella Rank: 12205
516 B
73 23
Domain Requested by
10 join.us.grouptogether.com join.us.grouptogether.com
7 join-us.grouptogether.com join.us.grouptogether.com
6 a.klaviyo.com static-tracking.klaviyo.com
4 ct.pinterest.com s.pinimg.com
3 a.omappapi.com join.us.grouptogether.com
a.omappapi.com
3 static.klaviyo.com www.googletagmanager.com
static.klaviyo.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
join.us.grouptogether.com
3 www.googletagmanager.com join.us.grouptogether.com
www.googletagmanager.com
2 js.intercomcdn.com widget.intercom.io
2 px.ads.linkedin.com 1 redirects snap.licdn.com
2 heapanalytics.com join.us.grouptogether.com
2 www.google.de join.us.grouptogether.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.facebook.com join.us.grouptogether.com
2 static-tracking.klaviyo.com static.klaviyo.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 connect.facebook.net join.us.grouptogether.com
connect.facebook.net
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 widget.intercom.io join.us.grouptogether.com
1 px4.ads.linkedin.com join.us.grouptogether.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 script.hotjar.com static.hotjar.com
1 www.googleadservices.com chimpstatic.com
1 www.google.com join.us.grouptogether.com
1 api.omappapi.com a.omappapi.com
1 cdn.heapanalytics.com join.us.grouptogether.com
1 www.dwin1.com www.googletagmanager.com
1 chimpstatic.com join.us.grouptogether.com
1 snap.licdn.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 trk.klclick.com 1 redirects
0 api-iam.intercom.io Failed js.intercomcdn.com
73 33

This site contains no links.

Subject Issuer Validity Valid
join.us.grouptogether.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-02-13 -
2024-08-13
6 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
join-us.grouptogether.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-02-14 -
2024-08-14
6 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M03
2024-02-07 -
2025-03-08
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-07 -
2024-08-07
a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01
2024-04-03 -
2024-06-27
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-01-12 -
2024-04-11
3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-17 -
2024-09-17
a year crt.sh
static.klaviyo.com
R3
2024-03-13 -
2024-06-11
3 months crt.sh
a.omappapi.com
R3
2024-03-29 -
2024-06-27
3 months crt.sh
*.dwin1.com
Amazon RSA 2048 M03
2023-10-18 -
2024-11-15
a year crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M01
2023-06-29 -
2024-07-27
a year crt.sh
omappapi.com
GTS CA 1P5
2024-02-19 -
2024-05-19
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
static-tracking.klaviyo.com
R3
2024-03-21 -
2024-06-19
3 months crt.sh
*.google.de
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
heapanalytics.com
Amazon RSA 2048 M02
2023-11-09 -
2024-12-08
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-06-24 -
2024-06-23
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-01-30 -
2024-07-30
6 months crt.sh
*.intercom.com
Amazon RSA 2048 M03
2024-01-15 -
2025-02-11
a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02
2023-12-01 -
2024-12-29
a year crt.sh

This page contains 3 frames:

Primary Page: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Frame ID: 8DDB02B46F513CF592903D22957D0998
Requests: 66 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 44B1F8DC0B036A2D06E10D514BE73A77
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3a3d772c.js
Frame ID: 418753197F4E936AC100C74C6EA8405B
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

GT | No Thanks

Page URL History Show full URLs

  1. https://trk.klclick.com/ls/click?upn=u001.LlhdDGxyX1sZtEGwkwqn-2BXBSKOlDlD-2FOjp-2FmsNHzsV67tBHjyqzY... HTTP 302
    https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • dwin1\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected

Page Statistics

73
Requests

97 %
HTTPS

55 %
IPv6

23
Domains

33
Subdomains

33
IPs

4
Countries

4916 kB
Transfer

8514 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.klclick.com/ls/click?upn=u001.LlhdDGxyX1sZtEGwkwqn-2BXBSKOlDlD-2FOjp-2FmsNHzsV67tBHjyqzY-2BEavjDAbEYLz9GmRRLCmgvfaRQldoDzFFJlzbBBry1hT7QGC5JFC8BnCYz48eZLQY49lfT3qDi7q3AGmRfEN1s4TJ6xnuHUnPyel6T6Mks34h-2BbkkRDA3DHG8Wgzrs0BaeP5lo9n-2F6BvIwIl7PaUsiTShYLxngqsdWl3EMNpbOvYID1qKAe1igTKYVyanS6HW5wo-2FmFcLr4M8Y-2FxVkO9jOZ2Kbj9j2Gq5e0LTH-2FcJYYTp6Q3XdR6TZdVmACInFK0-2F98TTMqvuv6SSLWmvi910Hc1to3-2FiyjV1RgteGzzierJPKi6yb9HwBTmmokYsqWk5U2Vekoz6gnz3rl5-2FvbaC9TcDR-2BXooxMBR7-2BxVXnDAzo0ZniDh67zlkL5S4c1AFPVv9B59dDGdhbAG8A983AYmMeIJMWYSflUWiGN-2F6PlEh97nExV94Teog-3DXVTQ_0ZBc96USOZe0LegoLZ-2FTBChDMZa0nI5Yr1peAL7-2Bpmq90rDcJ4xBWpLziKT6KZqdvg5WfAxINjBXcA4PfRqyY8Ms3UpNzQbt2mP7Ldz6QRbl4VTHzcd6Cje0Z2J91QYbdhCovzdBZ20iTVMgMp7ZxUYDn0NiR0ZwpsFHiTHqk3vnwkrVN6PCMW1Ziah8VU5-2BxGIbqnrRTNa75-2BqnH6zIp-2FHRgbh31OUhN3JmDmyGzKOvGzIQXNb4Fw2-2FJoBI4oDgGf0wj4QV94eNUXOMf97kXVda3FC9fXm-2BrVkRXX57TaXh9qXzF-2FMULhbzWwLjD2KbS8PxAu20N8vfLH-2Fg9itOM6-2FjmoCB6nTYh-2BqtTMshZRV2EcTY3wGOTLTYmhKDtZw95mQZiZOfQ28BTBT5kXCWn7-2BFMzsoqYEDqby5iu-2FUVHxRhkjHJceWLZonp4iuLL81 HTTP 302
    https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1712172331271&li_adsId=b2088b42-b43f-4985-bf0b-edd5be8c05a1&url=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1712172331271&li_adsId=b2088b42-b43f-4985-bf0b-edd5be8c05a1&url=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&e_ipv6=AQIt5qX1Ng2llQAAAY6lbHOV_tWy1BB_f_cfEyVagT1mudRL6AGO865-YKiD1PmaGaoGt1djGnjXuX9fNKkV7mqi_bN7Wg

73 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request f8675664-a986-43bd-ac08-eccbd7d9488c
join.us.grouptogether.com/contribute/
Redirect Chain
  • https://trk.klclick.com/ls/click?upn=u001.LlhdDGxyX1sZtEGwkwqn-2BXBSKOlDlD-2FOjp-2FmsNHzsV67tBHjyqzY-2BEavjDAbEYLz9GmRRLCmgvfaRQldoDzFFJlzbBBry1hT7QGC5JFC8BnCYz48eZLQY49lfT3qDi7q3AGmRfEN1s4TJ6xnuHU...
  • https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clon...
2 KB
1 KB
Document
General
Full URL
https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.12.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4029845189fdac3229837e248dfd088f32917c27de230931127773cf005c3aa2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-type
text/html
date
Wed, 03 Apr 2024 19:25:29 GMT
etag
"60111715"
last-modified
Mon, 01 Apr 2024 05:43:38 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block

Redirect headers

content-length
389
content-type
text/html; charset=utf-8
date
Wed, 03 Apr 2024 19:25:30 GMT
location
https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
server
nginx
via
1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
x-amz-cf-id
SGD4lrHil895lSXp024pQLbFU6YZp_1KPv4FZXpaktqKuqtIeU9qUA==
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
index-c264630b.js
join.us.grouptogether.com/assets/
782 KB
244 KB
Script
General
Full URL
https://join.us.grouptogether.com/assets/index-c264630b.js
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.12.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a4b5e8ad281ab02c3da9f840a7ac3c7076b302578abf8b9b6037f5893b0fd497
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Origin
https://join.us.grouptogether.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:29 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Mon, 01 Apr 2024 05:43:38 GMT
x-content-type-options
nosniff
etag
"60111715"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
index-8468199d.css
join.us.grouptogether.com/assets/
1 MB
169 KB
Stylesheet
General
Full URL
https://join.us.grouptogether.com/assets/index-8468199d.css
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.12.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8468199d7a389cab3c492f6328dde6856de5e5287ab1e605ddae101d8ccc4f27
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:29 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Mon, 01 Apr 2024 05:43:38 GMT
x-content-type-options
nosniff
etag
"60111715"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/
317 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-c264630b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
09fa583f8d191cafbfb8c0c9be50b3a61e855e7976500de0a0ad76ba5a9cdff4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108888
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Apr 2024 19:25:30 GMT
contribution-details
join-us.grouptogether.com/api/contributions/
2 KB
2 KB
XHR
General
Full URL
https://join-us.grouptogether.com/api/contributions/contribution-details?collection=f8675664-a986-43bd-ac08-eccbd7d9488c
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-c264630b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.118.40.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5e93e0ee16d5d07e5eba358409681646f9403e56bdcbdce9fac2744322028e30
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 19:25:31 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
regular-dddcff5d.woff2
join.us.grouptogether.com/assets/
7 KB
7 KB
Font
General
Full URL
https://join.us.grouptogether.com/assets/regular-dddcff5d.woff2
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-8468199d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.12.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dddcff5dc0c28e5ccb8da4355a7ef9f5e62e58ba69492b47f2d0aa579d3ad49d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://join.us.grouptogether.com/assets/index-8468199d.css
Origin
https://join.us.grouptogether.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:29 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2024 05:43:38 GMT
etag
"60111715"
x-dns-prefetch-control
off
content-type
font/woff2
cache-control
public, must-revalidate, max-age=30
content-length
7596
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
307 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4M9ZL4VMPQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ce444e66dc266a6622bf4be5d766bfb4404017a7fbcf6613c48fcfdd0b3c72f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102240
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 Apr 2024 19:25:30 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Apr 2024 17:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6408
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 03 Apr 2024 19:38:42 GMT
destination
www.googletagmanager.com/gtag/
244 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-939511155&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b6bca8e93540ca58e617871b40b2bb336cc6e39ba3b9ae719f9e8883dde4f33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86637
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Apr 2024 19:25:30 GMT
hotjar-203070.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-203070.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-116.ams50.r.cloudfront.net
Software
/
Resource Hash
e435847fa32688aba839bf20c94745f1fad4447384c5044f33b7b6c8c89788e1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 03 Apr 2024 19:25:31 GMT
via
1.1 fb6c3dd3817d7e9cad9e87d716e2024c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
etag
W/ab414d79c24964fd14e3925dde338bfb
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
dKa24VFLwT1A_-kygSE1VImoIxnG42Ffwv7uws-c1UJGvgLWTI9zkg==
insight.min.js
snap.licdn.com/li.lms-analytics/
48 KB
17 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1492 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 16:03:53 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=31721
accept-ranges
bytes
content-length
17224
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa7dc1f49c37b28d767e1ad64998a1c0c2f7b44d3a6ae68a9dce72bdc6574019

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"5f9456a62b94027f2e116bffedc2cde1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1883
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 03 Apr 2024 19:25:30 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C8BDEC43426B4E509A94BC34957EC35F Ref B: FRAEDGE1307 Ref C: 2024-04-03T19:25:30Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Apr 2024 19:25:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58040
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=12, mss=1326, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
w54UvmnqrMqEA30Z1/TaAd3At6MAwph8RwLF4JsdSu2NlLJlYH6UU9fENaPC8pAXQyKlcdHbNDhpFAr/OQsXaQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ea19c9812d790163177329d08.js
chimpstatic.com/mcjs-connected/js/users/4ee3845d9aab7ab51cf9f387a/
1 KB
1 KB
Script
General
Full URL
https://chimpstatic.com/mcjs-connected/js/users/4ee3845d9aab7ab51cf9f387a/ea19c9812d790163177329d08.js
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.177.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-177-117.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ca7b2fa862fe29e4ca33947161ee0ef68f67e995399f078aae987d8c1d9e8903

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Unused62
8096267
X-EdgeConnect-Origin-MEX-Latency
401, 401
Content-Encoding
gzip
Date
Wed, 03 Apr 2024 19:25:31 GMT
x-amz-request-id
75B4B55AEE32DE99
X-EdgeConnect-MidMile-RTT
0, 0
Connection
keep-alive
Content-Length
513
x-amz-id-2
eruMnO3YI53hmL3z0ydAcAmRUqSGkbslVvJkide9ZFUKejLYKxyZuhBEBCNIWhDv1e4XL9Re7Oc=
Last-Modified
Wed, 15 Apr 2020 01:14:44 GMT
Server
AmazonS3
ETag
"2959e27e9d485bc25a176efa0b588b8b"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1
Accept-Ranges
bytes
Expires
Wed, 03 Apr 2024 19:25:32 GMT
klaviyo.js
static.klaviyo.com/onsite/js/
2 KB
2 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SPVrx8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f277a33bb54b047a41ea8e39078091d8ce5a0000138e87cae7fa49b54e728f97
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Wed, 03 Apr 2024 19:25:30 GMT
age
1384
x-cache
HIT, HIT
content-length
921
x-served-by
cache-lga21927-LGA, cache-fra-eddf8230051-FRA
server
nginx
x-timer
S1712172331.965928,VS0,VE2
etag
"6b3db452dcb944201c01d80166b8ed12"
allow
OPTIONS, GET
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
content-type
application/javascript
vary
Accept-Encoding
x-resp-is-stale
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
2, 1
api.min.js
a.omappapi.com/app/js/
51 KB
18 KB
Script
General
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
7c30ea86cee07091748087becac959aaa4c528d522a604e27ae35fec322c4248

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:30 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-662
cdn-cachedat
04/03/2024 18:32:30
cdn-pullzone
293267
last-modified
Mon, 25 Mar 2024 18:19:30 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6601c032-cbe7"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
28ca2f35c16ca7bf0b8b3f0d1c84d70f
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
51747.js
www.dwin1.com/
43 KB
12 KB
Script
General
Full URL
https://www.dwin1.com/51747.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aee593f5ac5d62643eda762bcfe7415f6585a21bd5c562568bac089db55ac473

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
8VsM3iA6nF80IhY9EkapfVYU.jXoirqp
content-encoding
gzip
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
date
Wed, 03 Apr 2024 19:25:30 GMT
x-amz-cf-pop
PRG50-C1
age
230
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 21 Mar 2024 07:47:21 GMT
server
AmazonS3
etag
W/"8fc87b91a11867d8b8315adf0e25b00a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
bYufnOBL-HM1borH8TzU-sIliYY5xgiLtYusB1stHPXhCm2pzQmefg==
heap-3001013979.js
cdn.heapanalytics.com/js/
114 KB
37 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-3001013979.js
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-50.prg50.r.cloudfront.net
Software
nginx / Express
Resource Hash
2db8e82deafd59bce8d6a83f2cbe53811a194ccae4bdc0195478390de1aa7bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:24:42 GMT
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
PRG50-C1
age
49
x-powered-by
Express
etag
W/"1c962-gRzZAoKOc5Rdhn+Zig468sqEunk"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
l21sgjJ482m3YhVKs5f5kXRUTyTWogP9lLo-rq1-bEYo6uIjoGFczw==
collect
www.google-analytics.com/j/
4 B
216 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=640255942&t=pageview&_s=1&dl=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&ul=en-us&de=UTF-8&dt=Contributor%20Pathways&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YEBAAEABAAAAACAAI~&jid=236797050&gjid=606626840&cid=1520926513.1712172331&tid=UA-43090526-1&_gid=533371035.1712172331&_r=1&_slc=1&gtm=45He4410n81M2ZD2GPv830082371za200&cd3=general&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1444706419
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://join.us.grouptogether.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.min.css
a.omappapi.com/app/js/
10 KB
3 KB
Stylesheet
General
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
d8ebc2b139b503f1c654388426cb02a34f494509bb62e53fa9844830ecdab65c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:30 GMT
content-encoding
br
cdn-edgestorageid
1082
perma-cache
HIT
cdn-storageserver
DE-680
cdn-cachedat
04/03/2024 18:32:30
cdn-pullzone
293267
last-modified
Mon, 25 Mar 2024 18:19:38 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6601c03a-2644"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
aaae67b816b8d8fbb2cf94caceb183fa
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
190779
api.omappapi.com/v2/embed/
227 B
705 B
XHR
General
Full URL
https://api.omappapi.com/v2/embed/190779?d=join.us.grouptogether.com
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
via
1.1 fb60efae608d5d8f2d160585f251caae.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
x-cache-config
0 0
x-amz-cf-pop
AMS50-C1
x-cache-status
HIT
x-cache
Miss from cloudfront
x-optinmonster-account
205936
x-user-agent
standard--
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
cloudflare
etag
W/"b91e5dc54e033e761837b7b846da520f"
vary
Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
cf-ray
86eb71ecbed89f51-FRA
access-control-allow-headers
X-CSRF-Token
x-amz-cf-id
KYJ_K4oPwd6blf57uhx7_e4OErDQQZ_AThOC0MqVLOo7l42tEY2LGA==
expires
Wed, 03 Apr 2024 19:09:12 GMT
1486802968291534
connect.facebook.net/signals/config/
55 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1486802968291534?v=2.9.151&r=stable&domain=join.us.grouptogether.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e152d42112d040c13e5123de0a52c143b31e261eae7d18642797f2f6f85734c2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Apr 2024 19:25:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11587
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=62, mss=1326, tbw=63167, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
vJxe0tRmLqFRHCv3LW4Q2rF6tThI/1Uebi+KioYj6i4t2JNa7Ia80AGAoZ9Bwk3Wiqb/tKXLhOpPqDRkrYy2rQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
356 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-43090526-1&cid=1520926513.1712172331&jid=236797050&gjid=606626840&_gid=533371035.1712172331&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1655804304
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 03 Apr 2024 19:25:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://join.us.grouptogether.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
fender_analytics.8ee3a48d91bbcbc2f4a6.js
static-tracking.klaviyo.com/onsite/js/
31 KB
13 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.8ee3a48d91bbcbc2f4a6.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SPVrx8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e56d9f0ff4291aab14a84849e87ae705ea5b5b1510f4b09b1b56b152943d0ec0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://join.us.grouptogether.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
fj_WSCDgeDJmLT23uIXcrm3yGcxVQmmv
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Wed, 03 Apr 2024 19:25:31 GMT
x-amz-request-id
ENYEQZHRR3FFRDQK
age
330
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12744
x-amz-id-2
DEnB0TAiZnuESuO9bKr5mEdYKMTeiILLYhzjHvMnCoa53r0UIgz/oqoSi28tT2l1EGpb3CDi79A=
x-served-by
cache-lga21936-LGA, cache-fra-eddf8230040-FRA
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"6a54019812c61c48794d3e0e96705d52"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
17, 330
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/
2 KB
1 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SPVrx8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://join.us.grouptogether.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
pOOHfwEpxidpf1C5y5x2xTnzSKHLx9Qw
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Wed, 03 Apr 2024 19:25:31 GMT
x-amz-request-id
ENY9D5YSSWTZMA0V
age
330
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
1029
x-amz-id-2
7YTZXjqkIvOweXIi7oeSA0xceDuWnmsMjEiNKqUFwDsP8LixUujiplLZJYiO/I8qfIFeO9cu6W1SD2AsFigCFg==
x-served-by
cache-lga21976-LGA, cache-fra-eddf8230040-FRA
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"64de10774c3382fe4adddab07ea17f0d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
3, 322
runtime.0ee615547b2ad76db03c.js
static.klaviyo.com/onsite/js/
20 KB
9 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/runtime.0ee615547b2ad76db03c.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SPVrx8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96c57b98f9b7055bbe9e9b532e874d8a7f994504774450163bff57d64d723f36

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://join.us.grouptogether.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
EWOkxQxrUTT3ldfwGFSs4rH4jtgLmB6H
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Wed, 03 Apr 2024 19:25:30 GMT
x-amz-request-id
EEGVF3PC0YH5X67J
age
330
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8223
x-amz-id-2
hcL34VZQS7isSiKtf8Q/JcY+dy6F0Dd7JuqW3g9yCxR8Y/YqRUeJiCMBhWuYJ/DyBTyfOO+9cYQ=
x-served-by
cache-lga21966-LGA, cache-fra-eddf8230105-FRA
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"d1f9d2421cba6a77f0a7e07df738a9a7"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
40, 405
sharedUtils.f9545b047531d295d153.js
static.klaviyo.com/onsite/js/
44 KB
18 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.f9545b047531d295d153.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SPVrx8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0db7e9ecb5521298403292e544c9d589ca605178345ec608b920ade214bc5d9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://join.us.grouptogether.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
0E5iv79jKIfl363bn.V8l8ym.UbmDXzG
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Wed, 03 Apr 2024 19:25:30 GMT
x-amz-request-id
EEGZ7PNT1AHJ99YK
age
330
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
17955
x-amz-id-2
12XOAgASWKL+x1JiahjKPRnsjPVUy3OmRpJd0ifHBv/SGURC8JolyBs4LQakMP0YgGUQu1Wg7iQ=
x-served-by
cache-lga21955-LGA, cache-fra-eddf8230105-FRA
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"d735299a5562e91df2c84100415085e9"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
16, 407
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1486802968291534&ev=PageView&dl=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&rl=&if=false&ts=1712172330994&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1712172330993.1938057029&ler=empty&cdl=API_unavailable&it=1712172330976&coo=false&rqm=GET
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 03 Apr 2024 19:25:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
134617040.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/134617040.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 03 Apr 2024 19:25:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CBDAAFCCFD49497B94B0D24FE3443E59 Ref B: FRAEDGE1307 Ref C: 2024-04-03T19:25:30Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
285 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=134617040&tm=gtm002&Ver=2&mid=495b7e6a-a365-42cc-a13d-c066ae2d8859&sid=ef56faf0f1ef11ee920a8387ad1318ae&vid=ef5715f0f1ef11ee81af3913f44b5233&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Contributor%20Pathways&p=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&r=&lt=526&evt=pageLoad&sv=1&rn=725817
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Apr 2024 19:25:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A02CB5820A1D43FAB67866203E67B723 Ref B: FRAEDGE1307 Ref C: 2024-04-03T19:25:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
261 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4M9ZL4VMPQ&gtm=45je4410v9108230948z8830082371za200&_p=1712172330748&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1520926513.1712172331&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712172331&sct=1&seg=0&dl=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&dt=Contributor%20Pathways&en=page_view&_fv=1&_ss=1&tfd=805
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4M9ZL4VMPQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://join.us.grouptogether.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4M9ZL4VMPQ&cid=1520926513.1712172331&gtm=45je4410v9108230948z8830082371za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4M9ZL4VMPQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://join.us.grouptogether.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4M9ZL4VMPQ&cid=1520926513.1712172331&gtm=45je4410v9108230948z8830082371za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1516246676
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-43090526-1&cid=1520926513.1712172331&jid=236797050&npa=1&_u=YEBAAEAAAAAAACAAI~&z=824755439
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-43090526-1&cid=1520926513.1712172331&jid=236797050&npa=1&_u=YEBAAEAAAAAAACAAI~&z=824755439
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
49 KB
18 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: chimpstatic.com
URL: https://chimpstatic.com/mcjs-connected/js/users/4ee3845d9aab7ab51cf9f387a/ea19c9812d790163177329d08.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ae3589a82b0ae966434aee01dd631bd200bfed9768069ccdaf5d14c71e944098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18039
x-xss-protection
0
server
cafe
etag
7361208220132447630
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Apr 2024 19:25:31 GMT
modules.4bbac2bdc7f1b66d3009.js
script.hotjar.com/
221 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.4bbac2bdc7f1b66d3009.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-203070.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-80.prg50.r.cloudfront.net
Software
/
Resource Hash
261e44bd5998183c1bde239149a4be112fd5afd76c1efb12da82f24cf20561d4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 12:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
109825
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55706
last-modified
Tue, 02 Apr 2024 12:54:16 GMT
etag
"d8eecaf9ad4fc4bf64b1230f03df9166"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
dVc8_6olbcojnAwx0Rai3b6MoG-fsMagjtXM4fR4Uxxj49-irhAVxQ==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/666009457/
43 B
61 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/666009457/?random=1712172331139&cv=9&fst=1712172331139&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&tiba=Contributor%20Pathways&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5.ad5ae419.min.js
a.omappapi.com/app/js/
16 KB
6 KB
Script
General
Full URL
https://a.omappapi.com/app/js/5.ad5ae419.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
5fd85023d4b7e68daa580930db825421c34ce8a005748eca44c2396922b2402e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-679
cdn-cachedat
04/03/2024 18:32:30
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:21:07 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
750
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08f03-418b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
686173c0127bfe1ee6fdc640a8e43c27
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
h
heapanalytics.com/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/h?a=3001013979&u=5234243140520492&v=8392732868860516&s=2119039274881100&b=web&tv=4.0&z=0&h=%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c&q=%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&d=join.us.grouptogether.com&t=Contributor%20Pathways&us=us-gt-contribute-friendly-reminder-new%20(clone)&um=email&ua=us-gt-contribute-friendly-reminder-new&ts=1712172331202&ubv=123.0.6312.105&upv=10.0.0&st=1712172331203
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.231.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-92-231-230.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1712172331271&li_adsId=b2088b42-b43f-4985-bf0b-edd5be8c05a1&url=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1712172331271&li_adsId=b2088b42-b43f-4985-bf0b-edd5be8c05a1&url=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1712172331271&li_adsId=b2088b42-b43f-4985-bf0b-edd5be8c05a1&url=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&e_ipv6=AQIt5qX1Ng2llQAAAY6lbHOV_tWy1BB_f_cfEyVagT1mudRL6AGO865-YKiD1PmaGaoGt1djGnjXuX9fNKkV7mqi_bN7Wg
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D5FEBF84DE25402FA6F25EAB69FE5E16 Ref B: FRAEDGE1721 Ref C: 2024-04-03T19:25:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYVNi+m3VQNgQZzLbd4pQ==

Redirect headers

date
Wed, 03 Apr 2024 19:25:31 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C6239095F5C441088357AF292B76EA46 Ref B: FRAEDGE1517 Ref C: 2024-04-03T19:25:31Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1712172331271&li_adsId=b2088b42-b43f-4985-bf0b-edd5be8c05a1&url=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&e_ipv6=AQIt5qX1Ng2llQAAAY6lbHOV_tWy1BB_f_cfEyVagT1mudRL6AGO865-YKiD1PmaGaoGt1djGnjXuX9fNKkV7mqi_bN7Wg
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYVNi+jXY+OvuEbtYOUww==
main.d1ecc6ee.js
s.pinimg.com/ct/lib/
64 KB
18 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.d1ecc6ee.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f5c2ba19c6d5b3736aed2ec9e806a3d6633b653a72a1d7160ad30368f82292a1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"671fd3d6701d35a87b369bffd3965ff6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18590
/
a.klaviyo.com/client/profiles/
126 B
237 B
XHR
General
Full URL
https://a.klaviyo.com/client/profiles/?company_id=SPVrx8
Requested by
Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.8ee3a48d91bbcbc2f4a6.js?cb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d3b7a2bc206bfeb29739b1aa7611385cb32eee1cdfb03c44e053bebf112fb3a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
accept
application/json
revision
2023-06-15
Referer
X-Klaviyo-Onsite
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-klaviyo-api-revision
2023-06-15
content-security-policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
content-length
126
cid
SPVrx8
server
cloudflare
allow
GET, POST, HEAD, OPTIONS
vary
Accept-Language, Cookie, Accept-Encoding
content-language
en-us
access-control-allow-origin
*
content-type
application/vnd.api+json
cf-ray
86eb71f048121957-FRA
x-robots-tag
noindex, nofollow
/
a.klaviyo.com/client/profiles/ Frame
0
0
Preflight
General
Full URL
https://a.klaviyo.com/client/profiles/?company_id=SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,revision,x-klaviyo-onsite
Access-Control-Request-Method
POST
Origin
https://join.us.grouptogether.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, revision, x-klaviyo-onsite
access-control-allow-methods
OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
allow
GET, POST, HEAD, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
86eb71ef5ebf1957-FRA
cid
SPVrx8
content-encoding
gzip
content-language
en-us
content-security-policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
content-type
text/html; charset=utf-8
date
Wed, 03 Apr 2024 19:25:31 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie, Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
get-groupcard-cover
join-us.grouptogether.com/api/contributions/
580 B
1 KB
XHR
General
Full URL
https://join-us.grouptogether.com/api/contributions/get-groupcard-cover?collection=f8675664-a986-43bd-ac08-eccbd7d9488c
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-c264630b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.118.40.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3f10a9a45d8df885274349c2f65ac1fe82d5524de58c3fecad9c748370283f7d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 19:25:31 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
contribution-details
join-us.grouptogether.com/api/contributions/
2 KB
2 KB
XHR
General
Full URL
https://join-us.grouptogether.com/api/contributions/contribution-details?collection=f8675664-a986-43bd-ac08-eccbd7d9488c
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-c264630b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.118.40.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5e93e0ee16d5d07e5eba358409681646f9403e56bdcbdce9fac2744322028e30
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 19:25:31 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
NoThanks-65193f33.js
join.us.grouptogether.com/assets/
1 KB
734 B
Script
General
Full URL
https://join.us.grouptogether.com/assets/NoThanks-65193f33.js
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-c264630b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.12.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
56f021f1c14c6a94e4b518ef9558cfd927397546ea7c6f98c3472300055e1089
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://join.us.grouptogether.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:30 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Mon, 01 Apr 2024 05:43:38 GMT
x-content-type-options
nosniff
etag
"60111715"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
NoThanks-b58027f3.css
join.us.grouptogether.com/assets/
170 B
168 B
Stylesheet
General
Full URL
https://join.us.grouptogether.com/assets/NoThanks-b58027f3.css
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-c264630b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.12.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b58027f30eaf06055d94d9869c616b43a7c5b70ec7dfe41b1cee62680f42e82f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Mon, 01 Apr 2024 05:43:38 GMT
x-content-type-options
nosniff
etag
"60111715"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
/
www.facebook.com/tr/
0
102 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1486802968291534&ev=PageView&dl=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%2FNo-Thanks&rl=&if=false&ts=1712172331400&sw=800&sh=600&v=2.9.151&r=stable&ec=1&o=4126&fbp=fb.1.1712172330993.1938057029&ler=empty&cdl=API_unavailable&it=1712172330976&coo=false&rqm=GET
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=3119, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 03 Apr 2024 19:25:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
h
heapanalytics.com/
37 B
260 B
Image
General
Full URL
https://heapanalytics.com/h?a=3001013979&u=5234243140520492&v=3999849123847684&s=2119039274881100&b=web&tv=4.0&z=2&h=%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%2FNo-Thanks&d=join.us.grouptogether.com&t=GT%20%7C%20No%20Thanks&ts=1712172331403&pr=%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c&sp=z&sp=0&sp=us&sp=us-gt-contribute-friendly-reminder-new%20(clone)&sp=um&sp=email&sp=ua&sp=us-gt-contribute-friendly-reminder-new&sp=ts&sp=1712172331202&sp=d&sp=join.us.grouptogether.com&sp=h&sp=%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c&sp=t&sp=Contributor%20Pathways&sp=q&sp=%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&ubv=123.0.6312.105&upv=10.0.0&st=1712172331404
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.231.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-92-231-230.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
/
ct.pinterest.com/user/
323 B
634 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2614202333356&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1712172331490&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
83078384b11b6367b088f0d71ec33dd8d9958dd797733ee2d8234fb6bf15e153

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1224145026803412
content-length
184
pin-unauth
dWlkPVlqTm1NamhpTldVdE56a3hOUzAwTkRKbUxUbGpaV1F0WVdVM1pHTTFZek5oWWpFeQ
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://join.us.grouptogether.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
b4fa9ace3646012111de8f6a9b42456c32ee23fe
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
0
Fetch
General
Full URL
https://ct.pinterest.com/v3/?tid=2614202333356&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%2FNo-Thanks%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A600%2C%22sw%22%3A800%2C%22mh%22%3A%22d1ecc6ee%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.105%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1712172331492
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:31 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://join.us.grouptogether.com
pinterest-version
b4fa9ace3646012111de8f6a9b42456c32ee23fe
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1831426955299414
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
GetGroupCard
join-us.grouptogether.com/api/groupcard/
9 KB
4 KB
XHR
General
Full URL
https://join-us.grouptogether.com/api/groupcard/GetGroupCard?collection=f8675664-a986-43bd-ac08-eccbd7d9488c
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-c264630b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.118.40.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1552b3076f38201cd7d8864c4ed0cf0386b01fd83eb864144053384bd138a3be
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 19:25:31 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
get-groupcard-cover
join-us.grouptogether.com/api/contributions/
580 B
1 KB
XHR
General
Full URL
https://join-us.grouptogether.com/api/contributions/get-groupcard-cover?collection=f8675664-a986-43bd-ac08-eccbd7d9488c
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-c264630b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.118.40.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3f10a9a45d8df885274349c2f65ac1fe82d5524de58c3fecad9c748370283f7d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 19:25:31 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
/
a.klaviyo.com/client/events/ Frame
0
0
Preflight
General
Full URL
https://a.klaviyo.com/client/events/?company_id=SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,revision,x-klaviyo-onsite
Access-Control-Request-Method
POST
Origin
https://join.us.grouptogether.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, revision, x-klaviyo-onsite
access-control-allow-methods
OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
allow
GET, POST, HEAD, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
86eb71f179701957-FRA
cid
SPVrx8
content-encoding
gzip
content-language
en-us
content-security-policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-type
text/html; charset=utf-8
date
Wed, 03 Apr 2024 19:25:31 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie, Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
/
a.klaviyo.com/client/events/ Frame
0
0
Preflight
General
Full URL
https://a.klaviyo.com/client/events/?company_id=SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,revision,x-klaviyo-onsite
Access-Control-Request-Method
POST
Origin
https://join.us.grouptogether.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, revision, x-klaviyo-onsite
access-control-allow-methods
OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
allow
GET, POST, HEAD, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
86eb71f179711957-FRA
cid
SPVrx8
content-encoding
gzip
content-language
en-us
content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-type
text/html; charset=utf-8
date
Wed, 03 Apr 2024 19:25:31 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie, Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
/
a.klaviyo.com/client/events/
0
300 B
XHR
General
Full URL
https://a.klaviyo.com/client/events/?company_id=SPVrx8
Requested by
Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.8ee3a48d91bbcbc2f4a6.js?cb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
accept
application/json
revision
2023-02-22
Referer
X-Klaviyo-Onsite
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-klaviyo-api-revision
2023-02-22
content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
server
cloudflare
allow
GET, POST, HEAD, OPTIONS
vary
Accept-Language, Cookie, Accept-Encoding
content-language
en-us
access-control-allow-origin
*
cf-ray
86eb71f27ab61957-FRA
x-robots-tag
noindex, nofollow
content-length
0
cid
SPVrx8
/
a.klaviyo.com/client/events/
0
266 B
XHR
General
Full URL
https://a.klaviyo.com/client/events/?company_id=SPVrx8
Requested by
Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.8ee3a48d91bbcbc2f4a6.js?cb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
accept
application/json
revision
2023-02-22
Referer
X-Klaviyo-Onsite
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-klaviyo-api-revision
2023-02-22
content-security-policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; report-uri /csp/
server
cloudflare
allow
GET, POST, HEAD, OPTIONS
vary
Accept-Language, Cookie, Accept-Encoding
content-language
en-us
access-control-allow-origin
*
cf-ray
86eb71f27abc1957-FRA
x-robots-tag
noindex, nofollow
content-length
0
cid
SPVrx8
sheep_GIF_alpha_smallV3-c65b5c81.gif
join.us.grouptogether.com/assets/
3 MB
3 MB
Image
General
Full URL
https://join.us.grouptogether.com/assets/sheep_GIF_alpha_smallV3-c65b5c81.gif
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.12.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c65b5c81e9eec30bf811306d50897f2b1c41799ced05bbea07e6da78de447513
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2024 05:43:38 GMT
etag
"60111715"
x-dns-prefetch-control
off
content-type
image/gif
cache-control
public, must-revalidate, max-age=30
content-length
3576370
x-xss-protection
1; mode=block
medium-052404d0.woff2
join.us.grouptogether.com/assets/
7 KB
7 KB
Font
General
Full URL
https://join.us.grouptogether.com/assets/medium-052404d0.woff2
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-8468199d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.12.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
052404d056586c91b4dfd609f8f4c72089b73b5026554203b93ea036804b924f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://join.us.grouptogether.com/assets/index-8468199d.css
Origin
https://join.us.grouptogether.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2024 05:43:38 GMT
etag
"60111715"
x-dns-prefetch-control
off
content-type
font/woff2
cache-control
public, must-revalidate, max-age=30
content-length
7548
x-xss-protection
1; mode=block
GetGroupCard
join-us.grouptogether.com/api/groupcard/
9 KB
4 KB
XHR
General
Full URL
https://join-us.grouptogether.com/api/groupcard/GetGroupCard?collection=f8675664-a986-43bd-ac08-eccbd7d9488c
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-c264630b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.118.40.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1552b3076f38201cd7d8864c4ed0cf0386b01fd83eb864144053384bd138a3be
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 19:25:31 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
save-invitation-status
join-us.grouptogether.com/api/contributions/
12 B
759 B
XHR
General
Full URL
https://join-us.grouptogether.com/api/contributions/save-invitation-status?response=nothanks&invitationGuidId=1002de2e-1e5b-4f6b-bb10-57d4f894d241
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-c264630b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.118.40.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
448ebdcd549bf9f1a6b36a49f0da7ce4324bc97007bdd199bae720eb651b5d5c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 19:25:31 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
regular-5a4a2406.woff2
join.us.grouptogether.com/assets/
42 KB
42 KB
Font
General
Full URL
https://join.us.grouptogether.com/assets/regular-5a4a2406.woff2
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/assets/index-8468199d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.12.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a4a2406505cd6006eb217f691f14208968ab7f92fe854956f6c772f141da118
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://join.us.grouptogether.com/assets/index-8468199d.css
Origin
https://join.us.grouptogether.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2024 05:43:38 GMT
etag
"60111715"
x-dns-prefetch-control
off
content-type
font/woff2
cache-control
public, must-revalidate, max-age=30
content-length
43224
x-xss-protection
1; mode=block
/
px.ads.linkedin.com/wa/
0
203 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:32 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2B1F942C93594E2BA5E35FFE9593FFEC Ref B: FRAEDGE1517 Ref C: 2024-04-03T19:25:32Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://join.us.grouptogether.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYVNi+p2tlzcXo3wROI+w==
jbxyxjkx
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/jbxyxjkx
Requested by
Host: join.us.grouptogether.com
URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-114.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecac6c222060d8211c27ee19e702bd9b7b4aa1b052be4da5427db4b776d3f024

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
TcPEQkbCargn9PieXiNQCB6A0cQmXPp7
content-encoding
gzip
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
date
Wed, 03 Apr 2024 19:24:13 GMT
x-amz-cf-pop
PRG50-C1
age
155
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2705
last-modified
Wed, 03 Apr 2024 09:41:56 GMT
server
AmazonS3
etag
"3d605d4193c83a8dfe2e312e27e33d6d"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
G5kpMMemUk9tCv7x7rQQoFk0dtJmlblfI2rX2jqjN3VO2CxryAnm0Q==
token_create.js
ct.pinterest.com/static/ct/
4 KB
4 KB
Script
General
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b15aac9c392958d54b67f8eadb0985ced801f635f7edd5cbf80fa95fae4061a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:32 GMT
x-cdn
fastly
age
2193
etag
"00a3e23e5609ea9564eca6ae4e3949f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4103
ct.html
ct.pinterest.com/ Frame 44B1
0
0
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Wed, 03 Apr 2024 19:25:32 GMT
pinterest-version
b4fa9ace3646012111de8f6a9b42456c32ee23fe
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
1224405707088696
frame-modern.3a3d772c.js
js.intercomcdn.com/ Frame 4187
516 KB
142 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.3a3d772c.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jbxyxjkx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-36.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfd5dcb2481f94f3209885c3dd794324e4eac4922c35471be2e6a40686493495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BGPVXiGb47OtqrT9epL_MS_DgVvU0I34
content-encoding
gzip
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
date
Wed, 03 Apr 2024 17:41:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
PRG50-C1
age
6214
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145163
last-modified
Wed, 03 Apr 2024 09:39:49 GMT
server
AmazonS3
etag
"1d254c1c28c2414066de1a95235a2551"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
HvkhwMlS_IsTPkmjdse6h12wzVUU0YcyX9sMxmsJ3KyhLoEvxpFyxA==
vendor-modern.9921b73c.js
js.intercomcdn.com/ Frame 4187
483 KB
148 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.9921b73c.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jbxyxjkx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-36.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cad3500791a788df6463f08be3d2cd07785f0f24b90d403fa17392a47469f0ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
SnUU0Zq1h.U6bgKayiI8ORwV6RdgPhka
content-encoding
gzip
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
date
Wed, 03 Apr 2024 19:11:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
PRG50-C1
age
838
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
151135
last-modified
Thu, 28 Mar 2024 12:00:21 GMT
server
AmazonS3
etag
"ae95e8cfe55350008dcd098ebbe4cee3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
aX23zUCtOXHxUDjRpMsDxmbaSwrYdsFOi-liWEuJcZ93o1x9NQ-66Q==
favicon-32x32.png
join.us.grouptogether.com/icons/
1 KB
1 KB
Other
General
Full URL
https://join.us.grouptogether.com/icons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.12.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab9d5d6c25d94612eb441d730133544cee9ff60eea55151792c6fc1dc769790b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 19:25:31 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2024 05:43:38 GMT
etag
"60111715"
x-dns-prefetch-control
off
content-type
image/png
cache-control
public, must-revalidate, max-age=30
content-length
1086
x-xss-protection
1; mode=block
ping
api-iam.intercom.io/messenger/web/ Frame 4187
0
0

collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4M9ZL4VMPQ&gtm=45je4410v9108230948za200&_p=1712172330748&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1520926513.1712172331&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&sid=1712172331&sct=1&seg=0&dl=https%3A%2F%2Fjoin.us.grouptogether.com%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8&dt=Contributor%20Pathways&_s=2&tfd=5816
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4M9ZL4VMPQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 19:25:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://join.us.grouptogether.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api-iam.intercom.io
URL
https://api-iam.intercom.io/messenger/web/ping

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| Intercom function| $ function| jQuery object| Popper number| uidEvent object| bootstrap function| Croppie object| __VUE_INSTANCE_SETTERS__ boolean| __INTLIFY__ boolean| __VUE__ object| dataLayer object| intercomSettings function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings string| _linkedin_data_partner_id function| pintrk function| fbq function| _fbq object| heap object| gaplugins object| gaGlobal object| gaData object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om205936_190779 object| _omq function| omq object| _learnq string| __klKey function| UET function| UET_init function| UET_push object| ueto_9463d042e7 object| uetq object| webpackChunk_klaviyo_onsite_modules function| onYouTubeIframeAPIReady object| $mcSite object| AWIN object| shrslImgs function| AwinCustomEvent object| _klOnsite object| klaviyo object| core object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_noFurtherRedirects function| lintrk boolean| _already_called_lintrk object| ORIBILI function| __intercomAssignLocation function| __intercomReloadLocation

22 Cookies

Domain/Path Name / Value
.grouptogether.com/ Name: _gcl_au
Value: 1.1.89345468.1712172331
.grouptogether.com/ Name: _gid
Value: GA1.2.533371035.1712172331
.grouptogether.com/ Name: _gat_UA-43090526-1
Value: 1
join.us.grouptogether.com/ Name: _omappvp
Value: WtxZaCSHLR8P9gtscaHYWVkU95ZqT1GZRR7h073THTRcuIf90uQiZ3EM5sjbicTQu0uOtBqpKazaHPXVBH6eZPTTSJhP2Z0f
join.us.grouptogether.com/ Name: _omappvs
Value: 1712172330968
.grouptogether.com/ Name: _fbp
Value: fb.1.1712172330993.1938057029
.grouptogether.com/ Name: _uetsid
Value: ef56faf0f1ef11ee920a8387ad1318ae
.grouptogether.com/ Name: _uetvid
Value: ef5715f0f1ef11ee81af3913f44b5233
.bing.com/ Name: MUID
Value: 2C2862FAD777620913FB76ACD6A563B0
.grouptogether.com/ Name: _ga
Value: GA1.1.1520926513.1712172331
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.grouptogether.com/ Name: _hjSessionUser_203070
Value: eyJpZCI6IjkwM2UxYjhmLTgwMjYtNTNkNy1hMDFjLWM0NTViY2RmMjVkZCIsImNyZWF0ZWQiOjE3MTIxNzIzMzEyNjIsImV4aXN0aW5nIjp0cnVlfQ==
.grouptogether.com/ Name: _hjSession_203070
Value: eyJpZCI6ImE0Yjk1NDllLThiY2ItNDFhZC1iZWQyLTFlZjdmYWUyMTc1YiIsImMiOjE3MTIxNzIzMzEyNjMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.grouptogether.com/ Name: _hp2_id.3001013979
Value: %7B%22userId%22%3A%225234243140520492%22%2C%22pageviewId%22%3A%223999849123847684%22%2C%22sessionId%22%3A%222119039274881100%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.grouptogether.com/ Name: _hp2_ses_props.3001013979
Value: %7B%22us%22%3A%22us-gt-contribute-friendly-reminder-new%20(clone)%22%2C%22um%22%3A%22email%22%2C%22ua%22%3A%22us-gt-contribute-friendly-reminder-new%22%2C%22ts%22%3A1712172331202%2C%22d%22%3A%22join.us.grouptogether.com%22%2C%22h%22%3A%22%2Fcontribute%2Ff8675664-a986-43bd-ac08-eccbd7d9488c%22%2C%22q%22%3A%22%3Fres%3Dnothanks%26invId%3D1002de2e-1e5b-4f6b-bb10-57d4f894d241%26utm_source%3Dus-gt-contribute-friendly-reminder-new%2520%2528clone%2529%26utm_medium%3Demail%26utm_campaign%3Dus-gt-contribute-friendly-reminder-new%26_kx%3DkwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8%22%7D
.pinterest.com/ Name: ar_debug
Value: 1
.join.us.grouptogether.com/ Name: _pin_unauth
Value: dWlkPVlqTm1NamhpTldVdE56a3hOUzAwTkRKbUxUbGpaV1F0WVdVM1pHTTFZek5oWWpFeQ
join.us.grouptogether.com/ Name: __kla_id
Value: eyJjaWQiOiJPREEwWXprM01UY3RObU5tWkMwME56ZzRMVGsxTURVdFpXUTRNMlF3TlRWaU1qWmwiLCIkcmVmZXJyZXIiOnsidHMiOjE3MTIxNzIzMzEsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vam9pbi51cy5ncm91cHRvZ2V0aGVyLmNvbS9jb250cmlidXRlL2Y4Njc1NjY0LWE5ODYtNDNiZC1hYzA4LWVjY2JkN2Q5NDg4Yz9yZXM9bm90aGFua3MmaW52SWQ9MTAwMmRlMmUtMWU1Yi00ZjZiLWJiMTAtNTdkNGY4OTRkMjQxJnV0bV9zb3VyY2U9dXMtZ3QtY29udHJpYnV0ZS1mcmllbmRseS1yZW1pbmRlci1uZXclMjAlMjhjbG9uZSUyOSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj11cy1ndC1jb250cmlidXRlLWZyaWVuZGx5LXJlbWluZGVyLW5ldyZfa3g9a3dmSGh5ZjByakFFM2hvNnExZWpMLU1SRGgtR0hrdU1sNkpvWG05ZWZYR3hNVWloV2w2QV9sX0xNaFpWUU05Ri5TUFZyeDgifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE3MTIxNzIzMzIsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vam9pbi51cy5ncm91cHRvZ2V0aGVyLmNvbS9jb250cmlidXRlL2Y4Njc1NjY0LWE5ODYtNDNiZC1hYzA4LWVjY2JkN2Q5NDg4Yz9yZXM9bm90aGFua3MmaW52SWQ9MTAwMmRlMmUtMWU1Yi00ZjZiLWJiMTAtNTdkNGY4OTRkMjQxJnV0bV9zb3VyY2U9dXMtZ3QtY29udHJpYnV0ZS1mcmllbmRseS1yZW1pbmRlci1uZXclMjAlMjhjbG9uZSUyOSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj11cy1ndC1jb250cmlidXRlLWZyaWVuZGx5LXJlbWluZGVyLW5ldyZfa3g9a3dmSGh5ZjByakFFM2hvNnExZWpMLU1SRGgtR0hrdU1sNkpvWG05ZWZYR3hNVWloV2w2QV9sX0xNaFpWUU05Ri5TUFZyeDgifSwiJGV4Y2hhbmdlX2lkIjoia3dmSGh5ZjByakFFM2hvNnExZWpMLU1SRGgtR0hrdU1sNkpvWG05ZWZYR3hNVWloV2w2QV9sX0xNaFpWUU05Ri5TUFZyeDgifQ==
.linkedin.com/ Name: bcookie
Value: "v=2&ec3cf146-d157-42f8-8fef-d2b25880b1f9"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTIxNzIzMzE7MjswMjHFwxRL+1727bG1/I5OpHil4sLWtcl3gRot9qtL8nSe5Q==
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3195:u=1:x=1:i=1712172331:t=1712258731:v=2:sig=AQEykVi2LYAh74yUHGsymlKdxgO7iec0"
.grouptogether.com/ Name: _ga_4M9ZL4VMPQ
Value: GS1.1.1712172331.1.1.1712172332.59.0.0

15 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1486802968291534?v=2.9.151&r=stable&domain=join.us.grouptogether.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c?res=nothanks&invId=1002de2e-1e5b-4f6b-bb10-57d4f894d241&utm_source=us-gt-contribute-friendly-reminder-new%20%28clone%29&utm_medium=email&utm_campaign=us-gt-contribute-friendly-reminder-new&_kx=kwfHhyf0rjAE3ho6q1ejL-MRDh-GHkuMl6JoXm9efXGxMUihWl6A_l_LMhZVQM9F.SPVrx8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://join.us.grouptogether.com/contribute/f8675664-a986-43bd-ac08-eccbd7d9488c/No-Thanks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
a.omappapi.com
api-iam.intercom.io
api.omappapi.com
bat.bing.com
cdn.heapanalytics.com
chimpstatic.com
connect.facebook.net
ct.pinterest.com
googleads.g.doubleclick.net
heapanalytics.com
join-us.grouptogether.com
join.us.grouptogether.com
js.intercomcdn.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.pinimg.com
script.hotjar.com
snap.licdn.com
static-tracking.klaviyo.com
static.hotjar.com
static.klaviyo.com
stats.g.doubleclick.net
trk.klclick.com
widget.intercom.io
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api-iam.intercom.io
13.107.42.14
151.101.0.84
151.101.128.84
151.101.130.133
151.101.194.133
172.217.16.194
2.17.177.117
20.118.40.9
20.82.12.44
2001:4860:4802:34::36
2400:52e0:1e00::1081:1
2600:9000:2127:3400:f:8ce2:fb80:93a1
2600:9000:2204:a400:14:c8fd:7700:93a1
2606:4700:3108::ac42:2af8
2606:4700::6812:2bb
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:806::200e
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:1492
2a02:26f0:3500:887::1931
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
52.222.139.116
54.92.231.230
65.9.95.114
65.9.95.36
65.9.95.50
65.9.95.80
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
052404d056586c91b4dfd609f8f4c72089b73b5026554203b93ea036804b924f
09fa583f8d191cafbfb8c0c9be50b3a61e855e7976500de0a0ad76ba5a9cdff4
1552b3076f38201cd7d8864c4ed0cf0386b01fd83eb864144053384bd138a3be
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
261e44bd5998183c1bde239149a4be112fd5afd76c1efb12da82f24cf20561d4
2db8e82deafd59bce8d6a83f2cbe53811a194ccae4bdc0195478390de1aa7bf3
3ce444e66dc266a6622bf4be5d766bfb4404017a7fbcf6613c48fcfdd0b3c72f
3f10a9a45d8df885274349c2f65ac1fe82d5524de58c3fecad9c748370283f7d
4029845189fdac3229837e248dfd088f32917c27de230931127773cf005c3aa2
448ebdcd549bf9f1a6b36a49f0da7ce4324bc97007bdd199bae720eb651b5d5c
56f021f1c14c6a94e4b518ef9558cfd927397546ea7c6f98c3472300055e1089
5a4a2406505cd6006eb217f691f14208968ab7f92fe854956f6c772f141da118
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5b15aac9c392958d54b67f8eadb0985ced801f635f7edd5cbf80fa95fae4061a
5e93e0ee16d5d07e5eba358409681646f9403e56bdcbdce9fac2744322028e30
5fd85023d4b7e68daa580930db825421c34ce8a005748eca44c2396922b2402e
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7c30ea86cee07091748087becac959aaa4c528d522a604e27ae35fec322c4248
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
83078384b11b6367b088f0d71ec33dd8d9958dd797733ee2d8234fb6bf15e153
8468199d7a389cab3c492f6328dde6856de5e5287ab1e605ddae101d8ccc4f27
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
96c57b98f9b7055bbe9e9b532e874d8a7f994504774450163bff57d64d723f36
9d3b7a2bc206bfeb29739b1aa7611385cb32eee1cdfb03c44e053bebf112fb3a
a4b5e8ad281ab02c3da9f840a7ac3c7076b302578abf8b9b6037f5893b0fd497
ab9d5d6c25d94612eb441d730133544cee9ff60eea55151792c6fc1dc769790b
ae3589a82b0ae966434aee01dd631bd200bfed9768069ccdaf5d14c71e944098
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee593f5ac5d62643eda762bcfe7415f6585a21bd5c562568bac089db55ac473
b0db7e9ecb5521298403292e544c9d589ca605178345ec608b920ade214bc5d9
b58027f30eaf06055d94d9869c616b43a7c5b70ec7dfe41b1cee62680f42e82f
b6bca8e93540ca58e617871b40b2bb336cc6e39ba3b9ae719f9e8883dde4f33b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfd5dcb2481f94f3209885c3dd794324e4eac4922c35471be2e6a40686493495
c65b5c81e9eec30bf811306d50897f2b1c41799ced05bbea07e6da78de447513
ca7b2fa862fe29e4ca33947161ee0ef68f67e995399f078aae987d8c1d9e8903
cad3500791a788df6463f08be3d2cd07785f0f24b90d403fa17392a47469f0ed
d8ebc2b139b503f1c654388426cb02a34f494509bb62e53fa9844830ecdab65c
dddcff5dc0c28e5ccb8da4355a7ef9f5e62e58ba69492b47f2d0aa579d3ad49d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e152d42112d040c13e5123de0a52c143b31e261eae7d18642797f2f6f85734c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e435847fa32688aba839bf20c94745f1fad4447384c5044f33b7b6c8c89788e1
e56d9f0ff4291aab14a84849e87ae705ea5b5b1510f4b09b1b56b152943d0ec0
ecac6c222060d8211c27ee19e702bd9b7b4aa1b052be4da5427db4b776d3f024
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f277a33bb54b047a41ea8e39078091d8ce5a0000138e87cae7fa49b54e728f97
f5c2ba19c6d5b3736aed2ec9e806a3d6633b653a72a1d7160ad30368f82292a1
fa7dc1f49c37b28d767e1ad64998a1c0c2f7b44d3a6ae68a9dce72bdc6574019