app.grouptogether.com Open in urlscan Pro
23.101.208.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trk.klclick.com/ls/click?upn=R-2Fe503kKd21Sw-2F5HUmQpQbEf8y9DjAkt7tFnQcxcTYIkAGsCAig2SOZkGRfDVROvWOoqR1fIoUpyVzZ...
Effective URL:
https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C...
Submission: On June 05 via api (June 5th 2022, 10:18:59 pm UTC) from US — Scanned from DE

Summary HTTP 103 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 27 domains to perform 103 HTTP transactions. The main IP is 23.101.208.52, located in Sydney, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is app.grouptogether.com. The Cisco Umbrella rank of the primary domain is 812818.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 11th 2021. Valid for: a year.

This is the only time app.grouptogether.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:21f... 2600:9000:21f3:ea00:14:c8fd:7700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 25	23.101.208.52 23.101.208.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
2	52.239.131.36 52.239.131.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.77.11 13.225.77.11	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.198.15 13.224.198.15	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:350... 2a02:26f0:3500:88c::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	96.16.131.108 96.16.131.108	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:2080	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.224.198.35 13.224.198.35	16509 (AMAZON-02) (AMAZON-02)
1	13.225.77.109 13.225.77.109	16509 (AMAZON-02) (AMAZON-02)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.224.198.39 13.224.198.39	16509 (AMAZON-02) (AMAZON-02)
3	13.225.77.30 13.225.77.30	16509 (AMAZON-02) (AMAZON-02)
1	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
103	32

1 2600:9000:21f3:ea00:14:c8fd:7700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 23.101.208.52 (Sydney, Australia) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: waws-prod-sy3-001.cloudapp.net

app.grouptogether.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az708830.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.131.36 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

grouptogethersite.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-11.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.198.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-15.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:88c::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.131.108 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-131-108.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:2080 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.198.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-35.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-109.fra2.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.198.39 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-39.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.77.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-30.fra2.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	grouptogether.com 1 redirects app.grouptogether.com — Cisco Umbrella Rank: 812818	424 KB
17	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	12 KB
8	msecnd.net az708830.vo.msecnd.net	481 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 534 e.clarity.ms — Cisco Umbrella Rank: 2332 c.clarity.ms — Cisco Umbrella Rank: 1052	26 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	577 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 320 www.linkedin.com — Cisco Umbrella Rank: 560 px4.ads.linkedin.com — Cisco Umbrella Rank: 5318	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 324 c.bing.com — Cisco Umbrella Rank: 210	13 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2447	130 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 789	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6117	763 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	719 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	4 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2032 tr.outbrain.com — Cisco Umbrella Rank: 1872	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 584 script.hotjar.com — Cisco Umbrella Rank: 713 vars.hotjar.com — Cisco Umbrella Rank: 832	67 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	36 KB
2	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 2433 api-iam.intercom.io — Cisco Umbrella Rank: 2642	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	113 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 732	19 KB
2	windows.net grouptogethersite.blob.core.windows.net	98 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 419	23 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2056	255 B
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 4724	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 760	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 114	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	75 KB
1	klclick.com 1 redirects trk.klclick.com — Cisco Umbrella Rank: 14717	688 B
103	27

	Domain	Requested by
25	app.grouptogether.com	1 redirects app.grouptogether.com
17	fonts.googleapis.com	app.grouptogether.com
8	az708830.vo.msecnd.net	app.grouptogether.com
4	www.facebook.com	app.grouptogether.com
3	js.intercomcdn.com	widget.intercom.io
3	e.clarity.ms	www.clarity.ms e.clarity.ms
3	ct.pinterest.com	s.pinimg.com app.grouptogether.com
3	www.google.de	app.grouptogether.com
3	www.google.com	app.grouptogether.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com app.grouptogether.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com app.grouptogether.com
3	cdnjs.cloudflare.com	app.grouptogether.com
2	c.clarity.ms	1 redirects
2	googleads.g.doubleclick.net	www.googleadservices.com
2	tr.outbrain.com	amplify.outbrain.com app.grouptogether.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	app.grouptogether.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	grouptogethersite.blob.core.windows.net	app.grouptogether.com
2	cdn.jsdelivr.net	app.grouptogether.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	1 redirects
1	c.bing.com	1 redirects
1	vc.hotjar.io	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	www.clarity.ms	bat.bing.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	app.grouptogether.com
1	www.linkedin.com	1 redirects
1	amplify.outbrain.com	app.grouptogether.com
1	chimpstatic.com	app.grouptogether.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.googletagmanager.com	app.grouptogether.com
1	static.hotjar.com	app.grouptogether.com
1	trk.klclick.com	1 redirects
103	37

This site contains links to these domains. Also see Links.

Domain
new.grouptogether.com
www.grouptogether.com

Subject Issuer	Validity	Valid
app.grouptogether.com Go Daddy Secure Certificate Authority - G2	`2021-09-11` - `2022-10-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2022-05-16` - `2023-05-16`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-06-13`	3 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2021-11-19` - `2022-11-19`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Frame ID: 424C78FFB98C6F73B7B7BB762021D28D
Requests: 99 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: B1C863F81C23D10F7CFEDB6D3D7F97B0
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.ba8103e2.js
Frame ID: C50E2A91CD640B6FF1BFC5CE9F7E534A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Group Together | Create Collection

Page URL History Show full URLs

http://trk.klclick.com/ls/click?upn=R-2Fe503kKd21Sw-2F5HUmQpQbEf8y9DjAkt7tFnQcxcTYIkAGsCAig2SOZkGRf... HTTP 302
https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=We... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

103
Requests

96 %
HTTPS

51 %
IPv6

27
Domains

37
Subdomains

32
IPs

5
Countries

1568 kB
Transfer

3838 kB
Size

45
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://new.grouptogether.com/collectionsetup
Title: New site!

Search URL Search Domain Scan URL

URL: https://www.grouptogether.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.grouptogether.com/privacy
Title: Privacy Policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trk.klclick.com/ls/click?upn=R-2Fe503kKd21Sw-2F5HUmQpQbEf8y9DjAkt7tFnQcxcTYIkAGsCAig2SOZkGRfDVROvWOoqR1fIoUpyVzZ9UCZMUZXXyTw0nA8wMaZ9Oq8k1NH1N89-2FCjhziGLXuro9Zf9ongYIUOJK8l5J4ZrLoLbQi0Uv9ns2xP-2BpD8sjV-2Fko2UyrUBYlscJJO3VZ-2BxGzJKcMEL9P7UHK-2Bo9fjg5sPa4ho-2BCXOwcZFmgelfRAhzERvHdcTAQSqowBDxuvY7IFKOcf-2B9XDOWM76IA6go7G91WzM-2B4KipOhAjwwUVn9wFJPvfslXxTDf7yl2-2BriHmm-2Bo0gNbDDQxPCrcW6ipGem0S7MrttjH9nF358UgCVpizBy6rPRw8Pp2Kva5-2FUO9XyfyqVoW1eKbANvibCjctrrznrwgw-3D-3DXOD8_hTuCUiPUHdfOYbN9Ovn8LX68wPso701e-2FvQOifu-2FEed-2BuHiZRvU-2BlDk1akmFznZQqHrcVNUAlbDexsGhzCAV0uCKkRBFxCNw77Mr5vIqxULyK6J7cHUZzrtc488cfl8ENsVyH0IGKaTj24b8zDeNIY4uYzIbqFBrdAxRM9cFJIkkZgF-2FxbM-2BNYf6iWvzS8SKcI7tIHQRxIi8w-2FXAOpysUpJ2GD34ypWr6mLYW7cIK217bLVQ-2BQhXXot-2FmlcaclFb9G0ImCVvskDyNES7o26adAHXek5KbdN-2FXeAHbX8cbpbJJaclAwcynEjHM41TtnTnDlRGVqJZl7EouXFoTLKNV-2BgwwyoS3NCOtxcjsIarR6q3Dp50wWCNymxwvFJmHtqoVhAsRDEZBxkOvptTGlMoCg-3D-3D HTTP 302
https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1654467534156&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection%26utm_source%3DWelcome%2520Series%26utm_medium%3Demail HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2745052%26time%3D1654467534156%26url%3Dhttps%253A%252F%252Fapp.grouptogether.com%252Fcollectionsetup%253Futm_campaign%253DWelcome%252520Series%252520%25257C%252520Non%252520Parent%252520Gift%252520Contributor%25252C%252520Email%252520%2526_kx%253DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%25232%2526utm_content%253Dmenu-start-collection%2526utm_source%253DWelcome%252520Series%2526utm_medium%253Demail%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1654467534156&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection%26utm_source%3DWelcome%2520Series%26utm_medium%3Demail&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1654467534156&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection%26utm_source%3DWelcome%2520Series%26utm_medium%3Demail&liSync=true&e_ipv6=AQKlGnKpaiFWegAAAYE18x9SQQm_UWTbTjStID8JHtk5jq0ucgRSEpYV_mTLvmOTfF_ZHbD4RknmoA

Request Chain 90

https://app.grouptogether.com/Account/GetCountryList HTTP 302
https://app.grouptogether.com/account/signin?ReturnUrl=%2fAccount%2fGetCountryList

Request Chain 95

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=4A1DE506F5EB4D57A00C753F289849DD&RedC=c.clarity.ms&MXFR=2ADEB9B50E8B687C0740A80F0A8B66E7 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=4A1DE506F5EB4D57A00C753F289849DD&MUID=3248EE2D51C26F9B3CC3FF9750106E71

Request Chain 96

https://widget.intercom.io/widget/jbxyxjkx HTTP 302
https://js.intercomcdn.com/shim.latest.js

103 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request collectionsetup Show response
app.grouptogether.com/
Redirect Chain

http://trk.klclick.com/ls/click?upn=R-2Fe503kKd21Sw-2F5HUmQpQbEf8y9DjAkt7tFnQcxcTYIkAGsCAig2SOZkGRfDVROvWOoqR1fIoUpyVzZ9UCZMUZXXyTw0nA8wMaZ9Oq8k1NH1N89-2FCjhziGLXuro9Zf9ongYIUOJK8l5J4ZrLoLbQi0Uv9ns...
https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75E...

102 KB
26 KB

794ms
284ms

Document
text/html

23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a0816f014831e6dfb10906f0d035f73895382603ad84e6bd439c889758c4037f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 26167
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Jun 2022 22:18:51 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 4.0
X-Powered-By: ASP.NET

Redirect headers

Connection: keep-alive
Content-Length: 327
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Jun 2022 22:18:51 GMT
Location: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8#2&utm_content=menu-start-collection
Server: nginx
Via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
X-Amz-Cf-Id: oJVMzD8dl2UKvzdR2jkvOgiKRzMMViB02zYmykCI0a5XGuavHwcJ_A==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Miss from cloudfront
X-Robots-Tag: noindex, nofollow

GET
H2 200 select2.min.css
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/ 16 KB
3 KB 36ms
15ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6613028
x-jsd-version: 4.1.0-rc.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19133-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1tmUcqYt05a0pD6VgZbKBCeK5vOkDPJNTvYRkNo6aUWffcRMPigrcmUxDn0BQmYw5giNXtN4smCAjp40yWlEY65dY1FjNz6ngl7126A%2F4c5OQ7TVSCoqAcOin0gjPrXkw%2BfO4MnIVKd8c0Z0pA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 716c495ecc93694b-FRA

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/ 157 KB
18 KB 35ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3369384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17550
timing-allow-origin: *
last-modified: Thu, 06 Aug 2020 17:01:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f2c377f-2722e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlwXTlRfdFX%2B1cH%2BXSUxCCgtTbWpYHCryft8xcVgYwRCizLvS5ifSKAIZIdqVknDm8hpNiY%2FSpnI0hXBG294ZjiwAGBIdfE7i8jQrNvRryZa%2Fkn76SPOCte%2FLcUsC2TIlLCR1dd4o%2FokUFs%2FacLYZzOF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 716c495ec91b9170-FRA
expires: Fri, 26 May 2023 22:18:52 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.0/css/ 58 KB
11 KB 52ms
31ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.0/css/all.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea087dec3e1ab60a0cfc17d8ceb237d2076e7a872d55d00e92cac615aab43489

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 350848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10472
timing-allow-origin: *
last-modified: Tue, 29 Sep 2020 16:15:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f735d97-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzywT9ff53D0alKlgcBqFrmvqZgUHy2hWVQZR7kHBQ0lcu3VzYICijOD8qyma3T%2FZUkcA6dOhUtxM2yvohkxdr27GKKYPBxWtWSVJXmFOKiViBeJPhWM%2BkfXfDCrZ1WzpM%2FOnEaVhWTKHG1P6aXC%2FN5i"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 716c495ec91c9170-FRA
expires: Fri, 26 May 2023 22:18:52 GMT

GET
H2 200 datepicker.css
az708830.vo.msecnd.net/scripts/mt-datepicker/ 5 KB
5 KB 42ms
10ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az708830.vo.msecnd.net/scripts/mt-datepicker/datepicker.css
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F80) /
Resource Hash: b00feb10bbe1cfed76dbea625a38ac7013a6461f031039728fa24727937a67ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 05 Jun 2022 22:18:52 GMT
last-modified: Tue, 28 Aug 2018 09:07:51 GMT
server: ECAcc (frc/8F80)
content-md5: C02kcyvnsLFA7AZQgPKFtg==
age: 1273648
etag: 0x8D60CC5BB7CCE04
x-cache: HIT
content-type: text/css
x-ms-request-id: c1e278f8-f01e-0088-1694-6d33d9000000
cache-control: max-age=15552000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 5295

GET
H2 200 datepicker_dashboard.css
az708830.vo.msecnd.net/scripts/mt-datepicker/datepicker_dashboard/ 6 KB
6 KB 43ms
11ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az708830.vo.msecnd.net/scripts/mt-datepicker/datepicker_dashboard/datepicker_dashboard.css
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FD9) /
Resource Hash: 7a0af89f1ec4cae98a8aab887a8df3d103957becda32dafea3e36e80cbcc4a54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 05 Jun 2022 22:18:52 GMT
last-modified: Tue, 28 Aug 2018 09:05:35 GMT
server: ECAcc (frc/8FD9)
content-md5: jDig25kDKhCH/hoBLIHQjw==
age: 535215
etag: 0x8D60CC56AC0F16B
x-cache: HIT
content-type: text/css
x-ms-request-id: e8185a92-401e-001b-364c-74e8d3000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 5805

GET
H/1.1 200
OK bootstrap-datetimepicker.min.css
app.grouptogether.com/Css/ 11 KB
3 KB 266ms
265ms Stylesheet
text/css 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/Css/bootstrap-datetimepicker.min.css
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 07702ecd4c68579ea48e08380fee21388e9a329ff29c5faea3d8cd132b5272ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:52 GMT
Content-Encoding: gzip
ETag: "b6f6dbdaea98d71:0"
Last-Modified: Tue, 24 Aug 2021 13:20:49 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2085
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK gt-mt-groupcard.css
app.grouptogether.com/Css/ 25 KB
5 KB 484ms
245ms Stylesheet
text/css 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/Css/gt-mt-groupcard.css
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 13d65f211946d50b0afd551c447a316d8cf089b58fb583e8b569799e7fb3917c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:52 GMT
Content-Encoding: gzip
ETag: "04e2890c9f1d71:0"
Last-Modified: Wed, 15 Dec 2021 15:36:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4019
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK jquery-ui.css
app.grouptogether.com/Css/ 34 KB
7 KB 513ms
247ms Stylesheet
text/css 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/Css/jquery-ui.css
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 131f9a01599019747d190a0bb120d68a346c33974dda870a2356c55f19aa838d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:52 GMT
Content-Encoding: gzip
ETag: "0f621f08657d61:0"
Last-Modified: Sat, 11 Jul 2020 13:26:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6504
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK popups
app.grouptogether.com/css/ 20 KB
6 KB 734ms
248ms Stylesheet
text/css 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/css/popups?v=yHFnQJR--6nuBnTvObyROCv5dJZ20O7dJAhyO7bRYpM1
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4df06a43bd365374fb11dc6268ff4e64decd049db289edf0c2596eb39d241669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:52 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Jun 2022 22:18:53 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Content-Length: 5379
Expires: Mon, 05 Jun 2023 22:18:53 GMT

GET
H/1.1 200
OK collectionsetup
app.grouptogether.com/css/ 542 KB
120 KB 767ms
273ms Stylesheet
text/css 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: caa16bb3bfdf8242473e767627fe6ce528fa179c8f132c2c13ef25f82bf81db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:52 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Jun 2022 22:18:53 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked
Expires: Mon, 05 Jun 2023 22:18:53 GMT

GET
H/1.1 200
OK sourcebuster.min.js Show response
app.grouptogether.com/Vendor/SourceBuster/ 14 KB
5 KB 747ms
250ms Script
application/x-javascript 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/Vendor/SourceBuster/sourcebuster.min.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9a6f5ff983257b92583c9aae7c81ffdd66bc1773fcfdbca526f5476838cce5cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:52 GMT
Content-Encoding: gzip
ETag: "805f89ef8657d61:0"
Last-Modified: Sat, 11 Jul 2020 13:26:51 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4547
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK smiley.svg
app.grouptogether.com/Images/images/ 405 B
1002 B 481ms
252ms Image
image/svg+xml 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.grouptogether.com/Images/images/smiley.svg
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d35f0d3209cf02fcec05047b400475211ac675bcdd366935650643fbb0257c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
ETag: "5077efe1daed61:0"
Last-Modified: Thu, 29 Oct 2020 18:04:50 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 405
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK flowers_illustrationv2.png
grouptogethersite.blob.core.windows.net/siteres/ 92 KB
92 KB 1150ms
339ms Image
image/png 52.239.131.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grouptogethersite.blob.core.windows.net/siteres/flowers_illustrationv2.png
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.131.36 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 360e4ce7b66adf42997b20e8a8defc3456d66c77aadb502bf5afda48fec49ab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 05 Jun 2022 22:18:54 GMT
Last-Modified: Mon, 27 Sep 2021 11:00:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 7QU1I60AiDDWyb1IExDVYw==
ETag: 0x8D981A5FC9E77B0
Content-Type: image/png
x-ms-request-id: 7d671117-c01e-003a-5a2a-79cca8000000
x-ms-version: 2009-09-19
Content-Length: 94177

GET
H2 200 jquery-3.5.1.min.js Show response
az708830.vo.msecnd.net/scripts/ 87 KB
88 KB 11ms
10ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az708830.vo.msecnd.net/scripts/jquery-3.5.1.min.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E99) /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 05 Jun 2022 22:18:53 GMT
last-modified: Wed, 26 Aug 2020 18:23:19 GMT
server: ECAcc (frc/8E99)
content-md5: 3F5/GMjTasHT1HU6h8mNCg==
age: 387171
etag: 0x8D849ED1B8C58A8
x-cache: HIT
content-type: application/javascript
x-ms-request-id: 358965d1-001e-0025-58a4-757fac000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 89476

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 34ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.grouptogether.com/
Origin: https://app.grouptogether.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045031
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQefJh1sfCH%2B8Gya%2BCkDRygRW24wHCxMK%2BXIY6ugzTIrX2bJRV5aKJQk7lqG%2Fxp2O5pHNjHsdDgHju8R%2B66aDd%2F%2BsXBsypIysrKFTCfpds0RIha%2Br%2Fvdy6w%2F8Kx69UJsQxp77BFRdJHEn%2B3%2FHeukCVgX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 716c4963ab6c6910-FRA
expires: Fri, 26 May 2023 22:18:53 GMT

GET
H2 200 bootstrap413.min.js Show response
az708830.vo.msecnd.net/scripts/ 50 KB
50 KB 8ms
8ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az708830.vo.msecnd.net/scripts/bootstrap413.min.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F2D) /
Resource Hash: 4f3faeec469294b610f6ca82aa1cc2b3368fd56611b31c551c2ee224feadb411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 05 Jun 2022 22:18:53 GMT
last-modified: Wed, 26 Aug 2020 10:32:02 GMT
server: ECAcc (frc/8F2D)
content-md5: 5Hqdl2ZjpM5NtZYa+QnrWA==
age: 387171
etag: 0x8D849AB459394F9
x-cache: HIT
content-type: application/javascript
x-ms-request-id: 57c12817-101e-0090-50a4-75ecbe000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 51045

GET
H2 200 mootools-core.js Show response
az708830.vo.msecnd.net/scripts/mt-datepicker/ 127 KB
127 KB 13ms
13ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az708830.vo.msecnd.net/scripts/mt-datepicker/mootools-core.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F3D) /
Resource Hash: f7ef18924339c817eeeb5f1248a7e4239d3882860fad5dfcca48ee3e454c0887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 05 Jun 2022 22:18:53 GMT
last-modified: Tue, 28 Aug 2018 09:06:12 GMT
server: ECAcc (frc/8F3D)
content-md5: KNo3UShztHCXTNI9wIMCug==
age: 8601128
etag: 0x8D60CC580C60B2B
x-cache: HIT
content-type: application/javascript
x-ms-request-id: 55aef920-601e-006e-0cf0-2a83ff000000
cache-control: max-age=15552000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 129611

GET
H2 200 mootools-more.js Show response
az708830.vo.msecnd.net/scripts/mt-datepicker/ 49 KB
49 KB 14ms
13ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az708830.vo.msecnd.net/scripts/mt-datepicker/mootools-more.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F11) /
Resource Hash: ded137ec5bfaeaa018e90b57152e4b3e57c992d2372e7aafa5f89221153e2b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 05 Jun 2022 22:18:53 GMT
last-modified: Tue, 28 Aug 2018 09:06:19 GMT
server: ECAcc (frc/8F11)
content-md5: jowI6xaCdjqpwsIeqgH0uw==
age: 15216583
etag: 0x8D60CC5849E2C5A
x-cache: HIT
content-type: application/javascript
x-ms-request-id: 9e35e81a-c01e-0048-14c5-eecbe7000000
cache-control: max-age=15552000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 50179

GET
H3 200 select2.min.js Show response
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/ 71 KB
20 KB 29ms
17ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6613029
x-jsd-version: 4.1.0-rc.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19177-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epZAs5VcBGUFqKvDS0q3yKSy38eBGMfE59lopmSwkIbC2XQ1dtEirK9l6XJOvikC1Mu8lTzZMaweXBHjc35IG4wnCAoldYizrGgXA%2F0V99pldQ1K6P5z6%2FSUPSrYI2YKKqp4wYKE4%2FZYtUL80CU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 716c49643c56927a-FRA

GET
H/1.1 200
OK bootstrap-datetimepicker.min.js Show response
app.grouptogether.com/js/ 38 KB
13 KB 264ms
264ms Script
application/x-javascript 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/js/bootstrap-datetimepicker.min.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2962efb284d7145f28de8f7328e8d4b180bf34f2a38189945dbaf1364f7417c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:52 GMT
Content-Encoding: gzip
ETag: "9a6af1daea98d71:0"
Last-Modified: Tue, 24 Aug 2021 13:20:49 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 12606
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK bootstrap-datetimepicker.fr.js Show response
app.grouptogether.com/js/ 751 B
1 KB 252ms
251ms Script
application/x-javascript 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/js/bootstrap-datetimepicker.fr.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ff9fa7c0574b8dccb2203462b1f16d553436aebda335eefa524bda02430c7309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
Content-Encoding: gzip
ETag: "9a6af1daea98d71:0"
Last-Modified: Tue, 24 Aug 2021 13:20:49 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 560
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK common.js Show response
app.grouptogether.com/Scripts/ 572 B
1 KB 247ms
246ms Script
application/x-javascript 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/Scripts/common.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fd40f815b30a2db0446a3cff6000dd0dbeb48c474e8a552d1f442d5139324e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
Content-Encoding: gzip
ETag: "f286b0237329d81:0"
Last-Modified: Thu, 24 Feb 2022 11:39:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 429
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK CheckEmail.js Show response
app.grouptogether.com/Js/ 289 B
978 B 248ms
247ms Script
application/x-javascript 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/Js/CheckEmail.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cec6f66c34a49606e16ab5e1de16d5162fc1a1b10a639741e84bab10d52942d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
Content-Encoding: gzip
ETag: "4b9ad87893afd71:0"
Last-Modified: Wed, 22 Sep 2021 09:23:15 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 322
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK jquery-ui-1.8.20.js Show response
app.grouptogether.com/Scripts/ 373 KB
122 KB 304ms
302ms Script
application/x-javascript 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/Scripts/jquery-ui-1.8.20.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ea7ae4255ff117ca96ed2c2061c6c7629aacb4cd374a07651453be8ae36f8767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
Content-Encoding: gzip
ETag: "20bbe0daea98d71:0"
Last-Modified: Tue, 24 Aug 2021 13:20:49 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK collectionsetupjs Show response
app.grouptogether.com/js/ 198 B
941 B 252ms
250ms Script
text/javascript 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/js/collectionsetupjs?v=wNGW2Njq-N7hvAYKzWF5T4vRA57qRDk0-93KK0pBCvg1
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5529f16c962aaeec2f67db137d83ba03afb3d9cfd53f4ad374642952e3124f45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Jun 2022 22:18:54 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 265
Expires: Mon, 05 Jun 2023 22:18:54 GMT

GET
H2 200 roo.png
az708830.vo.msecnd.net/siteres/ 146 KB
147 KB 11ms
10ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://az708830.vo.msecnd.net/siteres/roo.png
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F15) /
Resource Hash: c0eda8cadc6d3761a9f71fb545e9ddc5e9997d13bd7d626c8f63493de5657ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 05 Jun 2022 22:18:53 GMT
last-modified: Tue, 18 Feb 2020 11:24:55 GMT
server: ECAcc (frc/8F15)
content-md5: lTD4hmxJJ+L+PPjqiIegeQ==
age: 14392727
etag: 0x8D7B4652E5BE5A5
x-cache: HIT
content-type: image/png
x-ms-request-id: 11df6602-a01e-0013-6643-f6f2dc000000
cache-control: max-age=15552000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 149887

GET
H/1.1 200
OK angel-emoji.png
grouptogethersite.blob.core.windows.net/siteres/ 5 KB
5 KB 1069ms
254ms Image
image/png 52.239.131.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grouptogethersite.blob.core.windows.net/siteres/angel-emoji.png
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.131.36 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 876485253fbd791a29fe2266bd2e5862d942b7c16184c0049b47b32ae1712d40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 05 Jun 2022 22:18:54 GMT
Last-Modified: Fri, 22 Oct 2021 10:48:51 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 6vk6+hUwwcycmcTSZwcgMQ==
ETag: 0x8D99549894D7A84
Content-Type: image/png
x-ms-request-id: 3a0dc9e7-f01e-006c-5b2a-793d47000000
x-ms-version: 2009-09-19
Content-Length: 4997

GET
H/1.1 200
OK collectiontype Show response
app.grouptogether.com/js/ 2 KB
2 KB 255ms
253ms Script
text/javascript 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/js/collectiontype?v=p6JTYQta78dj1zeReaimXWf3Kiv5vv7PrBo0pTJtv8k1
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f9d63295cb20badc5bb3f5a9f0c323a9644264603da564ff0f46d4f4b0222268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Jun 2022 22:18:54 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 1052
Expires: Mon, 05 Jun 2023 22:18:54 GMT

GET
H2 200 grouptogether-smiley-3.gif
az708830.vo.msecnd.net/siteres/ 9 KB
9 KB 13ms
12ms Image
image/gif 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://az708830.vo.msecnd.net/siteres/grouptogether-smiley-3.gif
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE0) /
Resource Hash: 6c9a234c317b46fe7a412ab807e77af5a74d054c0504bd80f2689dffdb4c50c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 05 Jun 2022 22:18:53 GMT
last-modified: Wed, 04 Nov 2020 16:21:56 GMT
server: ECAcc (frc/8FE0)
content-md5: FIuMjX3+J77wcr+PpKGJkg==
age: 291933
etag: 0x8D880DDBFEAA796
x-cache: HIT
content-type: image/gif
x-ms-request-id: 06071390-b01e-0089-4082-766c05000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 9374

GET
H/1.1 200
OK jquery.ddslick.min.js Show response
app.grouptogether.com/js/ 7 KB
3 KB 259ms
259ms Script
application/x-javascript 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/js/jquery.ddslick.min.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 619cfb5e5c4f3e8308c9a478eb756bf1da3f885589a0b8dc787365e41da126e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
Content-Encoding: gzip
ETag: "24ec921819dd71:0"
Last-Modified: Mon, 30 Aug 2021 09:26:37 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 2902
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK cross.svg
app.grouptogether.com/Images/images/ 323 B
921 B 254ms
254ms Image
image/svg+xml 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.grouptogether.com/Images/images/cross.svg
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fa4563a954bac8ec89770259b6bae021f196422e945edf72361d7f77ca23f504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
ETag: "17c578fe1daed61:0"
Last-Modified: Thu, 29 Oct 2020 18:04:50 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 323
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H2 200 hotjar-203070.js Show response
static.hotjar.com/c/ 5 KB
3 KB 56ms
16ms Script
application/javascript 13.225.77.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-203070.js?sv=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.77.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-77-11.fra2.r.cloudfront.net

Software

Resource Hash

5589fbd6a1d73784ce3794ba6b5c3dba966196d8dd3e05af02d9ae117f304658

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 11
etag: W/7134daf6535d353f234109faadde921c
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 0DM2KQjzTXglWE-B0u73OgdzSaMa9xHYPKccpUxGzJGUMe55HTb_SA==
via: 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
75 KB 81ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea5c06a0f0e76f10747f15648ddedd57c62fb4632849dc5ee34a60e088797cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76058
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Jun 2022 22:18:54 GMT

GET
H/1.1 200
OK verify-modals2.png
app.grouptogether.com/Images/gt-mt-images/ 9 KB
10 KB 248ms
247ms Image
image/png 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.grouptogether.com/Images/gt-mt-images/verify-modals2.png
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b5d01cdbf89530c39c15c4527e740c23e73fefe4c2045866bdfaa2c7b5df26c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
ETag: "476fc9ea348dd71:0"
Last-Modified: Mon, 09 Aug 2021 15:40:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9406
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK verify-modals3.png
app.grouptogether.com/Images/gt-mt-images/ 11 KB
12 KB 251ms
250ms Image
image/png 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.grouptogether.com/Images/gt-mt-images/verify-modals3.png
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 64289e36bad1ed242b4068d0a088fe15a6bcd5386d7868653bb053da32b14e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
ETag: "476fc9ea348dd71:0"
Last-Modified: Mon, 09 Aug 2021 15:40:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11347
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK verify-modal.png
app.grouptogether.com/Images/gt-mt-images/ 7 KB
8 KB 258ms
252ms Image
image/png 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.grouptogether.com/Images/gt-mt-images/verify-modal.png
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1bef4f2f40ed58a6943ebcb47706ef36cd718827fd51e965c238fb9db1956ee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
ETag: "476fc9ea348dd71:0"
Last-Modified: Mon, 09 Aug 2021 15:40:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7603
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK hello.png
app.grouptogether.com/Images/images/ 50 KB
50 KB 254ms
254ms Image
image/png 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.grouptogether.com/Images/images/hello.png
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fd8a8c5d35d1c6ab4e78175621edb2757de3803d8aea74106414bfc9cd6f05d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
ETag: "8ada79fe1daed61:0"
Last-Modified: Thu, 29 Oct 2020 18:04:50 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 51034
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
929 B 62ms
23ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Caveat&family=Merriweather+Sans:wght@700&family=Pangolin&family=Secular+One&family=Special+Elite&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3add79597e87d14ef00c1446bc0ec1e653b2cb804ca81031d003b502c052e5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
956 B 64ms
25ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Chonburi&family=Nunito&family=Poiret+One&family=Poppins:wght@300;700&family=Staatliches&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd32e35d3eb9b180d2f50a62fbd9e3b8988c3619af83f31048bb9024cb979403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 63ms
25ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=GFS+Didot&family=Lato:wght@700&family=Lora:wght@700&family=Montserrat&family=Poppins:wght@400;700&family=Quicksand:wght@400;600;700&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e558e384d944736bff115266bfe586916f059668f88d3c828da234109e7fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
923 B 61ms
24ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Maven+Pro:wght@400;700&family=Niconne&family=Nunito:wght@400;700&family=Playfair+Display:wght@400;700&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e7660556a3b1c54cd428eaff9622d9c12d87cbea4bf74ccdad678f4caca220e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
570 B 77ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Amatic+SC:wght@700&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c51be368ee0862c249b90f61fa8f6d05cb45b32d592e82401c0e065551a798d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
536 B 77ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Josefin+Sans&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f542aaea346fecbfbc6948b987bbea3c96caf39613bb7362b4f328e344ac327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:17:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
934 B 77ms
43ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Josefin+Slab:wght@400;700&family=Julius+Sans+One&family=Maven+Pro:wght@700&family=Merriweather:wght@400;700&family=Sue+Ellen+Francisco&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fdd61ce41e3838ca362456169a2db50df8d03399a5d196afaeba5f6fb2f54ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 56ms
22ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Exo+2:wght@300&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e042c2b81e60cb2f3d87b77d69ade26667d0445d2827c37caa8d87ed915b50df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
719 B 67ms
34ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Assistant&family=Roboto&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ab4efbd3929dddb58dfde7e9cf405afd739aa0c3eb51c4f2944c45dd57dd731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
492 B 62ms
30ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bungee+Shade&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da2efe98f79f804b033673ee57066aff0bc12844f7beaf97641889ea91fcecde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
748 B 73ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alfa+Slab+One&family=Noto+Sans&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

015eb2b5efbb70158fc24a8f2c7ffaec499149f6480d0c41d7e76b7d143c8cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 748 B
430 B 54ms
23ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Parisienne&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cd66b8bb038c46c6925997882bf29d546995d652de2493078692828c7d8c9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 761 B
437 B 66ms
35ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oleo+Script:wght@700&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d7afab6b3af44d3268dcf68c5ab47115afec06261a2837f8da906789699b1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
795 B 72ms
42ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Gloria+Hallelujah&family=Permanent+Marker&family=Quicksand&family=Raleway:wght@800&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94a2542696e90bf5f4a2fa09ee0be3b3e47db686566139a44367a9a7b3ec7283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
492 B 72ms
43ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Dosis:wght@800&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f451921f106a58ae5b02cd1ae8506004dec4fa368abc5450134eff2329937212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
866 B 64ms
35ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arimo&family=Cabin+Sketch&family=Open+Sans&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a133446c84f2730f572c5400d1bef444993d296ba67650541ea227bca6d1aa77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
660 B 64ms
36ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Herr+Von+Muellerhoff&family=Oleo+Script&family=Quicksand:wght@700&display=swap

Requested by

Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78b25b1078cbd37fb0c5826375eb2bbc9492f2f4bdf66a54e1eae1d8f1c4dd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 22:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Jun 2022 22:18:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jun 2022 22:18:53 GMT

GET
H/1.1 200
OK ModernEraTRIAL-Regular.woff2
app.grouptogether.com/Fonts/modern_era/ 7 KB
8 KB 320ms
247ms Font
application/font-woff2 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/Fonts/modern_era/ModernEraTRIAL-Regular.woff2
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6dcc2cabb154a99583f21723a74e13aaf04489f770bbdbb90c2f8e35f2188f20

Request headers

Referer: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1
Origin: https://app.grouptogether.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
ETag: "b98791b2e2b1d61:0"
Last-Modified: Tue, 03 Nov 2020 13:10:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: application/font-woff2
Accept-Ranges: bytes
Content-Length: 7616
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H/1.1 200
OK ModernEraTRIAL-Medium.woff2
app.grouptogether.com/Fonts/modern_era/ 7 KB
8 KB 412ms
272ms Font
application/font-woff2 23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/Fonts/modern_era/ModernEraTRIAL-Medium.woff2
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 35a6710a8a5d4039bd956ebd6e1036ae10f74958e214fe2091bc364093eaf265

Request headers

Referer: https://app.grouptogether.com/css/collectionsetup?v=W8hUOgBmtDM9tIA2bwOYPYa8JwwHLnKGMEP8b3qNWec1
Origin: https://app.grouptogether.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:53 GMT
ETag: "125090b2e2b1d61:0"
Last-Modified: Tue, 03 Nov 2020 13:10:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: application/font-woff2
Accept-Ranges: bytes
Content-Length: 7540
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H2 200 modules.d0961e771164cd91e405.js Show response
script.hotjar.com/ 243 KB
63 KB 37ms
8ms Script
application/javascript 13.224.198.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d0961e771164cd91e405.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-203070.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-15.fra2.r.cloudfront.net

Software

Resource Hash

dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 485088
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64057
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 07:33:23 GMT
etag: "1ed5739adb19197da798013ab080794d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 8Tkg2nmIMHNCZTHhL8AV1z4jHBtso7W73R18jUS7S0R_NX2mC75wEw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7186
date: Sun, 05 Jun 2022 20:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 05 Jun 2022 22:19:08 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 102ms
31ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 22:18:54 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 42ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=43460
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 134ms
105ms Script
application/javascript 2a02:26f0:3500:88c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 62ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZD2GP

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3A11800229F489989104F8E7ABB68C8 Ref B: FRAEDGE1206 Ref C: 2022-06-05T22:18:54Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sun, 05 Jun 2022 22:18:53 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: U4aGxx6oQ3dDLDcELYE7CtJRTl0pkUUVGwNUMOZErJR9N7cahQ2my9tfMV0iKJejdmEl1SOGYu2HCK89MgbVww==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 05 Jun 2022 22:18:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ea19c9812d790163177329d08.js Show response
chimpstatic.com/mcjs-connected/js/users/4ee3845d9aab7ab51cf9f387a/ 1 KB
1 KB 41ms
12ms Script
application/javascript 96.16.131.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/4ee3845d9aab7ab51cf9f387a/ea19c9812d790163177329d08.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.131.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-131-108.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ca7b2fa862fe29e4ca33947161ee0ef68f67e995399f078aae987d8c1d9e8903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 100, 93, 105
Date: Sun, 05 Jun 2022 22:18:54 GMT
Content-Encoding: gzip
x-amz-request-id: 75B4B55AEE32DE99
X-EdgeConnect-MidMile-RTT: 0, 0, 0
Connection: keep-alive
Content-Length: 513
x-amz-id-2: eruMnO3YI53hmL3z0ydAcAmRUqSGkbslVvJkide9ZFUKejLYKxyZuhBEBCNIWhDv1e4XL9Re7Oc=
Last-Modified: Wed, 15 Apr 2020 01:14:44 GMT
Server: AmazonS3
ETag: "2959e27e9d485bc25a176efa0b588b8b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=589
Accept-Ranges: bytes
Expires: Sun, 05 Jun 2022 22:28:43 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 46ms
9ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Sun, 05 Jun 2022 22:38:54 GMT

GET
H3 200 1486802968291534 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 65ms
56ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1486802968291534?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e4e8057a7dc6ae2614b0787e0373ddd32647d622a5bc2873adf804688c6dc8b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: LonQYjvbUtW4XFJzlfwp/6/nAIvE63QcbgLjYBx5s77Z328qL7aqflRUep+pPyTssRgQ0gwJkaxhozrLV3qsNQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 05 Jun 2022 22:18:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654467534214
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1654467534156&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Par...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2745052%26time%3D1654467534156%26url%3Dhttps%253A%252F%252Fapp.grouptogether.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1654467534156&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Par...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1654467534156&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Pa...

0
264 B

219ms
182ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1654467534156&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection%26utm_source%3DWelcome%2520Series%26utm_medium%3Demail&liSync=true&e_ipv6=AQKlGnKpaiFWegAAAYE18x9SQQm_UWTbTjStID8JHtk5jq0ucgRSEpYV_mTLvmOTfF_ZHbD4RknmoA
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:54 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B45CAF0ED11B498882590D7E7250A5B8 Ref B: FRAEDGE1110 Ref C: 2022-06-05T22:18:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXgur21t5JHl4KM1pXrww==
x-li-fabric: prod-lor1

Redirect headers

date: Sun, 05 Jun 2022 22:18:54 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 99970E3ED92749769E386B12AB4905C2 Ref B: FRAEDGE1516 Ref C: 2022-06-05T22:18:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2745052&time=1654467534156&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection%26utm_source%3DWelcome%2520Series%26utm_medium%3Demail&liSync=true&e_ipv6=AQKlGnKpaiFWegAAAYE18x9SQQm_UWTbTjStID8JHtk5jq0ucgRSEpYV_mTLvmOTfF_ZHbD4RknmoA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXgur2yGoczaepz3ha9Og==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 48ms
20ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=802401993&t=pageview&_s=1&dl=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%23utm_content%3Dmenu-start-collection&ul=en-us&de=UTF-8&dt=Group%20Together%20%7C%20Create%20Collection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2128545324&gjid=363413897&cid=107674726.1654467534&tid=UA-43090526-1&_gid=1299404966.1654467534&_r=1&gtm=2wg610M2ZD2GP&cd3=general&z=636997974

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.grouptogether.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.grouptogether.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
13ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=802401993&t=event&ni=0&_s=1&dl=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%23utm_content%3Dmenu-start-collection&ul=en-us&de=UTF-8&dt=Group%20Together%20%7C%20Create%20Collection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Organiser&ea=Collection&el=Start&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=107674726.1654467534&tid=UA-43090526-1&_gid=1299404966.1654467534&gtm=2wg610M2ZD2GP&cd3=general&z=2016985945

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 20:21:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7054
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 134617040.js Show response
bat.bing.com/p/action/ 220 B
475 B 134ms
134ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134617040.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a950e0c3184d1ca3be9e0d1f9f30aca855b5b5dd2f928f3772352802db060a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 29C06479A18245C5970344420686CA5F Ref B: FRAEDGE1206 Ref C: 2022-06-05T22:18:54Z
date: Sun, 05 Jun 2022 22:18:53 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 301

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 375ms
86ms Script
application/javascript 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=005043753a07220fb33ad4389fc4fc7f64
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:54 GMT
content-encoding: gzip
X-TraceId: 0ac36a9d31cf762ebbde981e1f20dcc9
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 375ms
85ms Image
image/gif 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=005043753a07220fb33ad4389fc4fc7f64&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection&optOut=false&bust=06284408820070804
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:54 GMT
Cache-Control: no-cache
X-TraceId: 7fe7ef48631c6f66bd7e1d1f21dd7961
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/666009457/ 3 KB
1 KB 77ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/666009457/?random=1654467534217&cv=9&fst=1654467534217&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8&tiba=Group%20Together%20%7C%20Create%20Collection&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab8a3367f8f2378fc39aace183111041dc34b99a8a8e44c07a0ba714e6a73e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1175
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/939511155/ 3 KB
2 KB 74ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939511155/?random=1654467534223&cv=9&fst=1654467534223&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg610&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8&tiba=Group%20Together%20%7C%20Create%20Collection&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fc9168f743b4ae542d2983309b7d991ce25d6e6a9669dfed8ffbf07c3aeae38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1193
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43090526-1&cid=107674726.1654467534&jid=2128545324&gjid=363413897&_gid=1299404966.1654467534&_u=YEBAAEAAAAAAAC~&z=959237284

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.grouptogether.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 05 Jun 2022 22:18:54 GMT
content-type: text/plain
access-control-allow-origin: https://app.grouptogether.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 102ms
102ms Script
application/javascript 2a02:26f0:3500:88c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 25ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1486802968291534&ev=PageView&dl=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection&rl=&if=false&ts=1654467534269&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654467534267.2050861226&it=1654467534152&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 05 Jun 2022 22:18:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 25ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1486802968291534&ev=Collection%20Start&dl=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection&rl=&if=false&ts=1654467534270&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654467534267.2050861226&it=1654467534152&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 05 Jun 2022 22:18:54 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 61ms
26ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43090526-1&cid=107674726.1654467534&jid=2128545324&_u=YEBAAEAAAAAAAC~&z=1547666913

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 75ms
35ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43090526-1&cid=107674726.1654467534&jid=2128545324&_u=YEBAAEAAAAAAAC~&z=1547666913

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/939511155/ 42 B
548 B 57ms
25ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/939511155/?random=1654467534223&cv=9&fst=1654466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg610&sendb=1&frm=0&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8&tiba=Group%20Together%20%7C%20Create%20Collection&async=1&fmt=3&is_vtc=1&random=3216586477&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/939511155/ 42 B
154 B 37ms
36ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/939511155/?random=1654467534223&cv=9&fst=1654466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg610&sendb=1&frm=0&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8&tiba=Group%20Together%20%7C%20Create%20Collection&async=1&fmt=3&is_vtc=1&random=3216586477&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/666009457/ 42 B
64 B 55ms
25ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/666009457/?random=1654467534217&cv=9&fst=1654466400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8&tiba=Group%20Together%20%7C%20Create%20Collection&async=1&fmt=3&is_vtc=1&random=1341201443&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/666009457/ 42 B
108 B 37ms
36ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/666009457/?random=1654467534217&cv=9&fst=1654466400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8&tiba=Group%20Together%20%7C%20Create%20Collection&async=1&fmt=3&is_vtc=1&random=1341201443&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 134617040 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 202ms
102ms Script
application/x-javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/134617040
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/134617040.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 3bcd80c644f45ee69c7edb304d1254877f3e3f330b2dbf8fc9cd2594cf5c6175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:53 GMT
x-powered-by: ASP.NET
x-azure-ref: 0ziudYgAAAAB2cpaNLZDuTrgoxAVaQ0YZTFRTRURHRTEzMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length: 1586
expires: -1

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
836 B 70ms
42ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614202333356&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A0%7D&cb=1654467534356

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.9b6656b8.1654467534.c049cce8
x-envoy-upstream-service-time: 2
x-pinterest-rid: 4513220379577748
pin-unauth: dWlkPU5EaGtZV0ptTjJJdE1HRTROQzAwT1RRd0xUa3dOek10TmpsaU9XTTRZak16WkRNMA
access-control-allow-origin: https://app.grouptogether.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 69ms
44ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614202333356&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A0%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1654467534360

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9b6656b8.1654467534.c049cced
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1799696832565944
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 50ms
49ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=addtocart&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614202333356&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A0%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1654467534361

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:54 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9b6656b8.1654467534.c049cd52
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 3736194958088716
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
e.clarity.ms/s/0.6.34/ 53 KB
23 KB 304ms
99ms Script
application/javascript 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/134617040
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:54 GMT
content-encoding: br
etag: "1d8778699f9e854"
last-modified: Fri, 03 Jun 2022 20:15:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1486802968291534&ev=Lead&dl=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection&rl=&if=false&ts=1654467534768&sw=1600&sh=1200&v=2.9.61&r=stable&ec=2&o=30&fbp=fb.1.1654467534267.2050861226&it=1654467534152&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 05 Jun 2022 22:18:54 GMT

GET
H/1.1

200
OK

signin Show response
app.grouptogether.com/account/
Redirect Chain

https://app.grouptogether.com/Account/GetCountryList
https://app.grouptogether.com/account/signin?ReturnUrl=%2fAccount%2fGetCountryList

23 KB
9 KB

258ms
258ms

XHR
text/html

23.101.208.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.grouptogether.com/account/signin?ReturnUrl=%2fAccount%2fGetCountryList
Requested by: Host: app.grouptogether.com
URL: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
Protocol: HTTP/1.1
Server: 23.101.208.52 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-sy3-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: afdf3e5831e21492c9d9883d479aac142ccd2c3055fce90d9daff8f787c27d34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/collectionsetup?utm_source=Welcome%20Series&utm_medium=email&utm_campaign=Welcome%20Series%20%7C%20Non%20Parent%20Gift%20Contributor%2C%20Email%20&_kx=PvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 22:18:54 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 4.0
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 8961

Redirect headers

Date: Sun, 05 Jun 2022 22:18:54 GMT
X-AspNetMvc-Version: 4.0
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: /account/signin?ReturnUrl=%2fAccount%2fGetCountryList
Cache-Control: private
Content-Length: 170

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134617040&tm=gtm002&Ver=2&mid=a4c8be2b-b763-41d8-85a9-4b98814b3ac5&sid=7c8d7340e51d11ec9b4347673fd6304c&vid=7c8d95c0e51d11eca9f38b8ad9dcacdc&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Group%20Together%20%7C%20Create%20Collection&p=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection&r=&lt=3229&evt=pageLoad&msclkid=N&sv=1&rn=842216

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E056556020544DEB912E57C9787C79C Ref B: FRAEDGE1206 Ref C: 2022-06-05T22:18:54Z
date: Sun, 05 Jun 2022 22:18:54 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame B1C8 2 KB
1 KB 35ms
7ms Document
text/html 13.224.198.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-203070.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-35.fra2.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://app.grouptogether.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 485088
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-cf-id: hG56uDQeG3o8QUI4478RzAkDluJ57Z2u_6VOtkuvJKqaoyKWWEA18w==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 204 203070 Show response
vc.hotjar.io/sessions/ 0
255 B 75ms
33ms XHR
text/plain 13.225.77.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/203070?s=0.25&r=0.13028663012707575
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d0961e771164cd91e405.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-109.fra2.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:54 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: bZyDfFlgoLVos-VjSK5CxLotObO14WrKqY9t-ucaBVxVMgcftdyvbg==

POST
H2 204 collect Show response
e.clarity.ms/ 0
74 B 195ms
194ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://app.grouptogether.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://app.grouptogether.com
date: Sun, 05 Jun 2022 22:18:54 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=4A1DE506F5EB4D57A00C753F289849DD&RedC=c.clarity.ms&MXFR=2ADEB9B50E8B687C0740A80F0A8B66E7
https://c.clarity.ms/c.gif?CtsSyncId=4A1DE506F5EB4D57A00C753F289849DD&MUID=3248EE2D51C26F9B3CC3FF9750106E71

42 B
368 B

28ms
28ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=4A1DE506F5EB4D57A00C753F289849DD&MUID=3248EE2D51C26F9B3CC3FF9750106E71
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:55 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 05 Jun 2022 22:18:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C1D742DAF4844CE7A8438EF40C790D8F Ref B: FRAEDGE1206 Ref C: 2022-06-05T22:18:55Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=4A1DE506F5EB4D57A00C753F289849DD&MUID=3248EE2D51C26F9B3CC3FF9750106E71
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/jbxyxjkx
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

43ms
8ms

Script
application/javascript

13.225.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Server: 13.225.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9956293a30636f9a59b6e6f12a0f7a67e3e47b6b1b7eb57830eb6eba6ce5f7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 05 Jun 2022 22:16:00 GMT
content-encoding: gzip
last-modified: Fri, 03 Jun 2022 16:20:52 GMT
server: AmazonS3
age: 176
etag: "51d2d52710e9fbb4dd7724b3e7787ab6"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 6151
x-amz-cf-id: nhLRe3O25K3ENTaUKVewTSQScFCFyJbIpDtIZLEkKpBWzw6PH5C9fA==

Redirect headers

date: Thu, 26 May 2022 05:23:33 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
server: AmazonS3
age: 924923
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA2-C1
content-length: 0
x-amz-cf-id: BbRhnQGTZ8VyaBxpE6dHbeh5ejVIbiR56sBfSVeWXI36Q1AQmhPRRQ==

GET
H2 200 frame-modern.ba8103e2.js Show response
js.intercomcdn.com/ Frame C50E 315 KB
84 KB 9ms
8ms Script
application/javascript 13.225.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.ba8103e2.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jbxyxjkx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5955d593fe4eb88fa70144af47584e4af2160066a95735af1578b3294e6e456a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 05 Jun 2022 20:20:58 GMT
content-encoding: gzip
last-modified: Fri, 03 Jun 2022 16:19:37 GMT
server: AmazonS3
age: 7077
etag: "0093397febb49815b6f612f1fcc1d5b2"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 85428
x-amz-cf-id: pa8TTMVicO0k2NIirToHwnZ75vx1k8n6oFotqxiA57lfs9Pqaq2c_A==

GET
H2 200 vendor-modern.e2abccf6.js Show response
js.intercomcdn.com/ Frame C50E 129 KB
40 KB 19ms
18ms Script
application/javascript 13.225.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.e2abccf6.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jbxyxjkx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 136a8488c96ec5dce07ed5cc4cf23b4f7a8483ff4441d3b651893817af095d12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 05 Jun 2022 21:55:12 GMT
content-encoding: gzip
last-modified: Fri, 03 Jun 2022 16:19:37 GMT
server: AmazonS3
age: 1424
etag: "9a0b7f3b6a106273493fad376d96015a"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 40105
x-amz-cf-id: sYMr0bizljUogTFGRcNBq2O8XtujG9399-laLqLmnAvkqlkaLWfjeA==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame C50E 4 KB
2 KB 629ms
423ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ba8103e2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

21439e5902499e1b6bc50e58be01a52228c5716a3542b0662188c04de684df19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 05 Jun 2022 22:18:56 GMT
content-encoding: gzip
x-ami-version: ami-0b6a6480dd0a84b5c
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept,Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0008pp6qc31dqmsdi46g
x-runtime: 0.315278
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"21439e5902499e1b6bc50e58be01a522"
x-ratelimit-remaining: 13330
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.grouptogether.com
x-intercom-version: ad573e63bf8ddbdf34c82e3247e641d5ee647f9f
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1654467540
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1486802968291534&ev=Microdata&dl=https%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection&rl=&if=false&ts=1654467535790&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Group%20Together%20%7C%20Create%20Collection%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=3&o=30&fbp=fb.1.1654467534267.2050861226&it=1654467534152&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.grouptogether.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:18:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 05 Jun 2022 22:18:55 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 98ms
96ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://app.grouptogether.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://app.grouptogether.com
date: Sun, 05 Jun 2022 22:18:56 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.grouptogether.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: wcc54oxisb5iilb4eho3kyki
.app.grouptogether.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 0142b114aac6b1fc5204da51758aa8ec1b803a897c64dea23c21ea0fb16c447e
.app.grouptogether.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 0142b114aac6b1fc5204da51758aa8ec1b803a897c64dea23c21ea0fb16c447e
.grouptogether.com/	1970-01-20 05:44:03	Name: _gcl_au Value: 1.1.1979385065.1654467534
.grouptogether.com/	1970-01-20 21:05:39	Name: _ga Value: GA1.2.107674726.1654467534
.grouptogether.com/	1970-01-20 03:35:53	Name: _gid Value: GA1.2.1299404966.1654467534
.grouptogether.com/	1970-01-20 03:34:27	Name: _gat_UA-43090526-1 Value: 1
.bing.com/	1970-01-20 12:56:03	Name: MUID Value: 3248EE2D51C26F9B3CC3FF9750106E71
.grouptogether.com/	1970-01-20 05:44:03	Name: _fbp Value: fb.1.1654467534267.2050861226
.doubleclick.net/	1970-01-20 03:34:28	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 04:17:39	Name: UserMatchHistory Value: AQJC4nuXVYb8XAAAAYE18x3YGiawqtGJlV740wAUjp4axudxhBIWsKgOI0z1wKeOLbXJl4Rc8xL6Rw
.linkedin.com/	1970-01-20 04:17:39	Name: AnalyticsSyncHistory Value: AQIiVoqLJlFyfQAAAYE18x3YtVPWmN73-m2oly-QKvP_18SrtT5kZbEOTP0Zyv28-YiHV50jPlSoYrdb_hCwYg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:06:21	Name: bcookie Value: "v=2&444158f1-4f1c-44a6-8ff9-81e74a93cd8a"
.linkedin.com/	1970-01-20 03:35:53	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2673:u=1:x=1:i=1654467534:t=1654553934:v=2:sig=AQH4g7W_RSEBftPhvDArkfDpqbnoYMjW"
.app.grouptogether.com/	1970-01-20 12:20:03	Name: _pin_unauth Value: dWlkPU5EaGtZV0ptTjJJdE1HRTROQzAwT1RRd0xUa3dOek10TmpsaU9XTTRZak16WkRNMA
.ct.pinterest.com/	1970-01-20 12:20:03	Name: _pinterest_ct_ua Value: "TWc9PSY0cWhWK1d4b0Z0MU1HQkx0KzdDZksvYVRlY3FoYWU3U3J6L1dqUGE4R1ZycXoxc1pQbXdEMkxMUkQ5bGZQK1B4MUN3RTlHT0pUeWlBZzI0UEt2MzNOMWhLcDRBV2dmb1FDSklpL0t1WXZVWT0mMDBLS3RLTUVLaDJCK1lGU3VuekJHUlpmZXY4PQ=="
www.clarity.ms/	1970-01-20 12:20:03	Name: CLID Value: 2331bc8777994a839a0c0a8717ff5260.20220605.20230605
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:06:21	Name: bscookie Value: "v=1&2022060522185451ad7009-8a01-477e-8fda-55fc7b49f1ebAQEGSSGxJ6td-fTad5dOPrRkTWDp7ViH"
.linkedin.com/	1970-01-20 21:02:31	Name: li_gc Value: MTswOzE2NTQ0Njc1MzQ7MjswMjFIQ/Mw2yUW9n83QtxDmztKojEK+EDTOojON+iYzRYs0w==
app.grouptogether.com/	1970-01-20 03:34:27	Name: outbrain_cid_fetch Value: true
.app.grouptogether.com/	1970-01-20 05:44:03	Name: visitordef Value: organiser
.app.grouptogether.com/	1970-01-20 04:17:39	Name: sbjs_migrations Value: 1418474375998%3D1
.app.grouptogether.com/	1970-01-20 04:17:39	Name: sbjs_current_add Value: fd%3D2022-06-05%2022%3A18%3A54%7C%7C%7Cep%3Dhttps%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection%7C%7C%7Crf%3D%28none%29
.app.grouptogether.com/	1970-01-20 04:17:39	Name: sbjs_first_add Value: fd%3D2022-06-05%2022%3A18%3A54%7C%7C%7Cep%3Dhttps%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection%7C%7C%7Crf%3D%28none%29
.app.grouptogether.com/	1970-01-20 04:17:39	Name: sbjs_current Value: typ%3Dutm%7C%7C%7Csrc%3DWelcome%2520Series%7C%7C%7Cmdm%3Demail%7C%7C%7Ccmp%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.app.grouptogether.com/	1970-01-20 04:17:39	Name: sbjs_first Value: typ%3Dutm%7C%7C%7Csrc%3DWelcome%2520Series%7C%7C%7Cmdm%3Demail%7C%7C%7Ccmp%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.app.grouptogether.com/	1970-01-20 04:17:39	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F102.0.5005.61%20Safari%2F537.36
.app.grouptogether.com/	1970-01-20 03:34:27	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fapp.grouptogether.com%2Fcollectionsetup%3Futm_source%3DWelcome%2520Series%26utm_medium%3Demail%26utm_campaign%3DWelcome%2520Series%2520%257C%2520Non%2520Parent%2520Gift%2520Contributor%252C%2520Email%2520%26_kx%3DPvWVPWpVpieeE75EUy_o9g74A1FS-yAUhP9XzdyqdfKeFvi-fux3Sz6oSIJ2MFqf.SPVrx8%232%26utm_content%3Dmenu-start-collection
.grouptogether.com/	1970-01-20 03:35:53	Name: _uetsid Value: 7c8d7340e51d11ec9b4347673fd6304c
.grouptogether.com/	1970-01-20 12:56:03	Name: _uetvid Value: 7c8d95c0e51d11eca9f38b8ad9dcacdc
.grouptogether.com/	1970-01-20 12:20:03	Name: _hjSessionUser_203070 Value: eyJpZCI6IjFjNjJiYmU2LWI3ODAtNTY3NC1iMzM1LThjZWRjZWIzZmEyNiIsImNyZWF0ZWQiOjE2NTQ0Njc1MzQwODMsImV4aXN0aW5nIjpmYWxzZX0=
.grouptogether.com/	1970-01-20 03:34:29	Name: _hjFirstSeen Value: 1
app.grouptogether.com/	1970-01-20 03:34:27	Name: _hjIncludedInSessionSample Value: 0
.grouptogether.com/	1970-01-20 03:34:29	Name: _hjSession_203070 Value: eyJpZCI6ImMxOTBhZDJlLTM4OWEtNDAwYy1iOThlLWM5MzNhYjI0MGUwYSIsImNyZWF0ZWQiOjE2NTQ0Njc1MzQ4ODUsImluU2FtcGxlIjpmYWxzZX0=
.grouptogether.com/	1970-01-20 03:34:29	Name: _hjAbsoluteSessionInProgress Value: 1
.grouptogether.com/	1970-01-20 12:20:03	Name: _clck Value: 3sgrau\|1\|f22\|0
.grouptogether.com/	1970-01-20 03:35:53	Name: _clsk Value: jxb1rw\|1654467535311\|1\|1\|e.clarity.ms/collect
.c.bing.com/	1970-01-20 12:56:03	Name: SRM_B Value: 3248EE2D51C26F9B3CC3FF9750106E71
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:56:03	Name: MUID Value: 3248EE2D51C26F9B3CC3FF9750106E71
.c.clarity.ms/	1970-01-20 03:34:28	Name: ANONCHK Value: 0
.grouptogether.com/	1970-01-20 10:03:17	Name: intercom-id-jbxyxjkx Value: 05dca110-393f-4250-b630-140fc1c67013
.grouptogether.com/	1970-01-20 03:44:32	Name: intercom-session-jbxyxjkx Value:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
api-iam.intercom.io
app.grouptogether.com
az708830.vo.msecnd.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
chimpstatic.com
connect.facebook.net
ct.pinterest.com
e.clarity.ms
fonts.googleapis.com
googleads.g.doubleclick.net
grouptogethersite.blob.core.windows.net
js.intercomcdn.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tr.outbrain.com
trk.klclick.com
vars.hotjar.com
vc.hotjar.io
widget.intercom.io
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.75.88.209
13.107.42.14
13.224.198.15
13.224.198.35
13.224.198.39
13.225.77.109
13.225.77.11
13.225.77.30
142.250.185.226
20.234.93.27
20.62.48.180
23.101.208.52
23.35.237.86
2600:9000:21f3:ea00:14:c8fd:7700:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6810:5614
2606:4700::6811:180e
2620:1ec:21::14
2620:1ec:27::cafe:2080
2620:1ec:c11::200
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2008
2a00:1450:400c:c07::9c
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:88c::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.239.131.36
70.42.32.63
96.16.131.108
99.83.219.81
015eb2b5efbb70158fc24a8f2c7ffaec499149f6480d0c41d7e76b7d143c8cb2
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
07702ecd4c68579ea48e08380fee21388e9a329ff29c5faea3d8cd132b5272ff
0ab4efbd3929dddb58dfde7e9cf405afd739aa0c3eb51c4f2944c45dd57dd731
0cd66b8bb038c46c6925997882bf29d546995d652de2493078692828c7d8c9f5
0f542aaea346fecbfbc6948b987bbea3c96caf39613bb7362b4f328e344ac327
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
131f9a01599019747d190a0bb120d68a346c33974dda870a2356c55f19aa838d
136a8488c96ec5dce07ed5cc4cf23b4f7a8483ff4441d3b651893817af095d12
13d65f211946d50b0afd551c447a316d8cf089b58fb583e8b569799e7fb3917c
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1bef4f2f40ed58a6943ebcb47706ef36cd718827fd51e965c238fb9db1956ee6
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d7afab6b3af44d3268dcf68c5ab47115afec06261a2837f8da906789699b1a5
21439e5902499e1b6bc50e58be01a52228c5716a3542b0662188c04de684df19
2962efb284d7145f28de8f7328e8d4b180bf34f2a38189945dbaf1364f7417c9
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35a6710a8a5d4039bd956ebd6e1036ae10f74958e214fe2091bc364093eaf265
360e4ce7b66adf42997b20e8a8defc3456d66c77aadb502bf5afda48fec49ab8
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3add79597e87d14ef00c1446bc0ec1e653b2cb804ca81031d003b502c052e5ce
3bcd80c644f45ee69c7edb304d1254877f3e3f330b2dbf8fc9cd2594cf5c6175
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4df06a43bd365374fb11dc6268ff4e64decd049db289edf0c2596eb39d241669
4f3faeec469294b610f6ca82aa1cc2b3368fd56611b31c551c2ee224feadb411
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
5529f16c962aaeec2f67db137d83ba03afb3d9cfd53f4ad374642952e3124f45
5589fbd6a1d73784ce3794ba6b5c3dba966196d8dd3e05af02d9ae117f304658
5955d593fe4eb88fa70144af47584e4af2160066a95735af1578b3294e6e456a
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5d35f0d3209cf02fcec05047b400475211ac675bcdd366935650643fbb0257c1
5e4e8057a7dc6ae2614b0787e0373ddd32647d622a5bc2873adf804688c6dc8b
5fc9168f743b4ae542d2983309b7d991ce25d6e6a9669dfed8ffbf07c3aeae38
619cfb5e5c4f3e8308c9a478eb756bf1da3f885589a0b8dc787365e41da126e7
64289e36bad1ed242b4068d0a088fe15a6bcd5386d7868653bb053da32b14e66
6c9a234c317b46fe7a412ab807e77af5a74d054c0504bd80f2689dffdb4c50c2
6dcc2cabb154a99583f21723a74e13aaf04489f770bbdbb90c2f8e35f2188f20
78b25b1078cbd37fb0c5826375eb2bbc9492f2f4bdf66a54e1eae1d8f1c4dd48
7a0af89f1ec4cae98a8aab887a8df3d103957becda32dafea3e36e80cbcc4a54
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
876485253fbd791a29fe2266bd2e5862d942b7c16184c0049b47b32ae1712d40
8ab8a3367f8f2378fc39aace183111041dc34b99a8a8e44c07a0ba714e6a73e2
94a2542696e90bf5f4a2fa09ee0be3b3e47db686566139a44367a9a7b3ec7283
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a6f5ff983257b92583c9aae7c81ffdd66bc1773fcfdbca526f5476838cce5cc
9e7660556a3b1c54cd428eaff9622d9c12d87cbea4bf74ccdad678f4caca220e
a0816f014831e6dfb10906f0d035f73895382603ad84e6bd439c889758c4037f
a133446c84f2730f572c5400d1bef444993d296ba67650541ea227bca6d1aa77
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a950e0c3184d1ca3be9e0d1f9f30aca855b5b5dd2f928f3772352802db060a15
afdf3e5831e21492c9d9883d479aac142ccd2c3055fce90d9daff8f787c27d34
b00feb10bbe1cfed76dbea625a38ac7013a6461f031039728fa24727937a67ac
b5d01cdbf89530c39c15c4527e740c23e73fefe4c2045866bdfaa2c7b5df26c8
bd32e35d3eb9b180d2f50a62fbd9e3b8988c3619af83f31048bb9024cb979403
c0eda8cadc6d3761a9f71fb545e9ddc5e9997d13bd7d626c8f63493de5657ce9
c51be368ee0862c249b90f61fa8f6d05cb45b32d592e82401c0e065551a798d6
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
ca7b2fa862fe29e4ca33947161ee0ef68f67e995399f078aae987d8c1d9e8903
caa16bb3bfdf8242473e767627fe6ce528fa179c8f132c2c13ef25f82bf81db3
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
cec6f66c34a49606e16ab5e1de16d5162fc1a1b10a639741e84bab10d52942d0
d9956293a30636f9a59b6e6f12a0f7a67e3e47b6b1b7eb57830eb6eba6ce5f7e
da2efe98f79f804b033673ee57066aff0bc12844f7beaf97641889ea91fcecde
dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded137ec5bfaeaa018e90b57152e4b3e57c992d2372e7aafa5f89221153e2b48
e042c2b81e60cb2f3d87b77d69ade26667d0445d2827c37caa8d87ed915b50df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e558e384d944736bff115266bfe586916f059668f88d3c828da234109e7fa09b
ea087dec3e1ab60a0cfc17d8ceb237d2076e7a872d55d00e92cac615aab43489
ea5c06a0f0e76f10747f15648ddedd57c62fb4632849dc5ee34a60e088797cf6
ea7ae4255ff117ca96ed2c2061c6c7629aacb4cd374a07651453be8ae36f8767
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f451921f106a58ae5b02cd1ae8506004dec4fa368abc5450134eff2329937212
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
f7ef18924339c817eeeb5f1248a7e4239d3882860fad5dfcca48ee3e454c0887
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9d63295cb20badc5bb3f5a9f0c323a9644264603da564ff0f46d4f4b0222268
fa4563a954bac8ec89770259b6bae021f196422e945edf72361d7f77ca23f504
fd40f815b30a2db0446a3cff6000dd0dbeb48c474e8a552d1f442d5139324e62
fd8a8c5d35d1c6ab4e78175621edb2757de3803d8aea74106414bfc9cd6f05d7
fdd61ce41e3838ca362456169a2db50df8d03399a5d196afaeba5f6fb2f54ca9
ff9fa7c0574b8dccb2203462b1f16d553436aebda335eefa524bda02430c7309

app.grouptogether.com Open in urlscan Pro 23.101.208.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

96 %HTTPS

51 %IPv6

27 Domains

37 Subdomains

32 IPs

5 Countries

1568 kBTransfer

3838 kBSize

45 Cookies

3 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.grouptogether.com Open in urlscan Pro
23.101.208.52 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

96 %
HTTPS

51 %
IPv6

27
Domains

37
Subdomains

32
IPs

5
Countries

1568 kB
Transfer

3838 kB
Size

45
Cookies

103 HTTP transactions
0 data transactions